It doesn’t take long for Tom Fisher to hear the word “security” in his conversations with CIOs.

 

“Some of the CIOs I talk to are very familiar with the cloud and the challenges it presents and security is always one of the top three issues they bring up,” says Fisher, the vice president of cloud computing for SuccessFactors, which touts more than eight million users of its secure, cloud-based human resources suite.

 

Fisher has a checklist users can consult for evaluating the security surrounding cloud infrastructures and cloud applications.

 

The list includes “frequency of malware, vulnerability scanning, unique capabilities inside the app that prevent things such as SQL injections,” he says. Fisher will complete the list that has 30-40 entries during his presentation – SuccessFactors’s Vision for a Secure Cloud – at July’s Cloud Identity Summit.

 

Fisher’s series of questions is designed to help users determine which service providers are drawing plays in the sand and which ones have a well-defined and implemented security plan.

 

“It’s all about protecting the integrity of the application, and more important, the customer’s data,” he says.

 

Fisher says that those fretting over security in the cloud should compare the number of breaches in the cloud with the compromises that happen on laptops carried out of organizations each day.

 

“If there is a breach in a cloud application the likelihood that a subscriber will be affected is high. Given that case, the value of our company will drop dramatically so we are incented to make sure security is a high priority,” he says.

 

For SuccessFactors, security is layered, from single sign-on at the application layer to encrypting data from the database to the browser.

 

The security theme centers on the cloud being safer than on-premises computing.

 

“I have a position that I take and I encourage CIOs to come back at me.”

 

 

Follow John on Twitter and check out our Identity-Conversation Tweet list