According to a new post on CRN's website, Ben Tomhave, principal consultant at applications company LockPath, said that businesses must build a governance, risk and compliance program, or GRC program, when creating a security strategy for cloud computing. There are also providers of cloud-based email and other programs that will help manage security for companies so that there is less worry.

"A GRC program is more than just a platform - it's a management discipline," Tomhave said. "That truth becomes even more self-evident as data and applications escape into the cloud. When employees need only a credit card to circumvent the majority of IT policies, it becomes clear that it's time for a sea change in ground rules. That change comes by way of building a modern GRC program."

He said a GRC program gives a company enhanced training and awareness within the cloud, a legal defense and "survivability strategy," better formalized methods and policies and the ability to break down and audit the quality of service being received from the cloud.

George Crump writes on InformationWeek that security is critical for any size of organization using cloud computing. He said at minimum a business needs a solution that encrypts data at rest in the cloud. Cloud services providers will be able to help businesses encrypt and secure files in the cloud.