In regards to KamiCrazy's post, he / she asked a very important question:
"I don't have anything specific to add to the discussion but I do want to bring up that going to the cloud you are essentially outsourcing your IT. Or at least part of the infrastructure.
Is that acceptable to your organisation?"
It's interesting that this topic came up, and that this question comes up, as a major provider of webhosting services recently (within the past couple of weeks) had their customers websites defaced. While it was likely some 'script-kiddie' looking for a thrill - they posted images similar to what might be posted on islamic militant and terror groups' sites - it still doesn't bode well for the customers, whose sites were defaced. One such site was for a county government's Health Department. While defacing may or may not have been the worst thing that could have happened (they also had scripts on there to auth to employee data, email, and others, so it could be a lot worse, if the attackers would've gained access to said data through XSS to gain passwords, etc,) ultimately, you have to decide how worth the costs it can be, if you're allowing the security of your 'public image' and public site to be hosted by someone else.
I'd agree fully with savingpvtryansdad, in that it certainly does make things easy for end-users and customers, sometimes, but can be an overall nightmare for IT staff, to try to manage services and security that are out of their control, to whatever extent.
~ hayabusa ~
"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'
OSCE, OSCP , GPEN, C|EH