Once companies have made the decision to deploy cloud services--or even before they've made the decision--they need to ensure that adequate security is in place to safeguard information in the cloud."Security is by far the biggest concern and can be something that's addressed at all levels," Garvin says.

"For example, software developers can learn techniques to employ when creating applications to eliminate some security threats such as , while other security safeguards can be implemented in the hardware. Our thought is that the most robust security is going to have to come at the hardware level, as it will always be possible to hack code in the cloud."

Garvin says one of the most impressive hardware solutions is Intel's Trusted Execution Technology, which provides processor-level extensions to create many separate execution environments, known as partitions. This is useful in cloud security, she says. "It also provides for secure key generation and storage, and it checks the BIOS upon execution to detect tampering," she says.

IBM has also been doing something similar with chipsets used in embedded systems and mobile devices as part of its Smarter Planet drive, Garvin says, and these could help with cloud client security. "Built-in capabilities in chipsets provide for hardware storage of security-related data like keys, certificates, data and checksums, and also provide some assistance in encryption and decryption," she says.

Silva says it's especially important that companies evaluate the level of visibility, controls and security in place at the cloud provider. "The biggest threat is [not] understanding the risk profile the provider brings to the table," he says.