Monday, April 27, 2009

Cloud Computing security

Systems were once considered secure, yet no matter how secure you think you are one day, you get less secure each day (with new vulnerabilities, etc.), and face it: growth is directly proportional to threat. The more data you store, the more systems/hardware you use to store the data, thus increasing the number of potential attack vectors or points of failure/exposure and inherent risk. So whether you are considering SaaS or PaaS (software/platform as a service), you may be putting all your eggs in a single data center basket, yet it’s in virtual space where everyone is storing their data... and cyber criminals see a pot of gold.


I often wonder how cloud providers decouple and preserve commingling of data, connections and exchanges at a price that is still more cost-beneficial than traditional and proven methodologies. And, if feasible to do so, then at whose cost?

Ever tried auditing a (managed) service provider at will and being allowed to inspect all security controls, including privileged user access, related to the storage and processing of your data from ingress to egress points (i.e. the entire “cloud”)? Once you actually figure this out and conclude reasonable assurance in leaving your data with someone else (and the control effectiveness), who is really responsible when something happens in the eyes of the law? Hence jurisdiction, regulatory compliance and due diligence, and liability (flexible enough to meet your business and technical needs day-in and day-out).

Finally, who really benefits from cloud service offerings? You leave your data there and they are able to massage the data, analyze trends/behaviors; and even if direct revenue is not generated (yet), think about the competitive advantage that can result!

So is it hype or strategic advantage? What is the long-term viability for the current cloud services offering?

Gartner and quadrants, did you ask? http://www.gartner.com/DisplayDocument?id=685308

27 comments:

  1. Nowadays, many cloud storage vendors are using advanced data encryption techniques, antivirus scanning procedures, data backup techniques, and other security solutions that a personal computing environment cannot offer.
