Cloud computing provides a wide array of mechanisms for data to be accessed. Understanding the following questions from business requirements and technical implementation perspective will help to ensure a cloud computing environment that meets your user and information security requirements:

• How will your organization's data be utilized?
• Who will be accessing the data?
• What controls need to be in place to protect the data?

Some questions to consider related to data access include:

• How will your organization's information be utilized?
  • This goes back to understanding the needs of your business/mission and performing the necessary data categorization activities
  • Understanding your organization's data and its sensitivity to the organization's mission is critical to establishing an effective architecture that will meet your mission requirements
• Who will have access to the information?
  • Ensure that you address all potential data access requirements from a permissions and user roles perspective
• Where are users coming from?
  • Are users coming from your corporate network, partners, public Wi-Fi? Understand all your potential scenarios so that you can build strong conditional access policies.