What the Public Cloud IT Security Best Practice?

Here are some Public Cloud IT Security Best Practice:

• Conduct a full risk assessment before you contract with any cloud provider. 
• Look at how your own security works in a cloud environment.
• Check that your providers are fulfilling their SLAs and contracted obligations.
• Implement a strong ongoing governance framework.
• Plan for how you’ll respond to and remediate problems.

all security areas:

1. basic securty (password,authntication,lock your system)
2. data center phisical security
3. cloude infrustrcture security
4. policies
5. application security

There are two aspects we need to consider. 

Functional aspect of Security - Macro focus 

Technical aspect of Security - Micro focus

If  we can drop our concern in two buckets first and then evaluate would be great. 

e.g: 

• Check that your providers are fulfilling their SLAs and contracted obligations. will go to "Functional aspect of Security"

What encryption we are using and vendor is supporting will go to "Technical aspect of Security"

My viewpoint is to create the security framework and define all the artifacts prior to taking infrastructure to cloud.