<Dd> Various information security concerns relating to the IT and other professionals associated with cloud services are typically handled through pre -, para - and post-employment activities such as security screening potential recruits, security awareness and training programs, proactive . </Dd> <Dd> Providers ensure that all critical data (credit card numbers, for example) are masked or encrypted and that only authorized users have access to data in its entirety . Moreover, digital identities and credentials must be protected as should any data that the provider collects or produces about customer activity in the cloud . </Dd> <P> Scanning could from outside and inside using free or commercial products is very important because without a hardened environment your service is considered as a soft target . Virtual servers should be hardened like a physical server against data leakage, malware, and exploited vulnerabilities . "Data loss or leakage represents 24.6% and cloud related malware 3.4% of threats causing cloud outages" </P> <P> Scanning and penetration testing from inside or outside the cloud require to be authorized by the cloud provider . Since the cloud is a shared environment with other tenants following penetration testing rules of engagement step - by - step is a mandatory requirement . Violation of acceptable use policy which can lead to termination of the service . </P>

Explain your view on cloud based products from a security perspective