I have recently had the opportunity to attend a panelist dinner organized by NaviSite and CISCO. That was a great networking opportunity, as I got a chance to chat with many CIOs from companies ranging from 10s of millions to billions of dollars of annual revenue.
I was really interested in discussing the theme of cloud security, and I noticed that most of them believed that information in the cloud appeared to be more secure than in a physical environment. This is an opinion that I subscribe to.
Enterprise cloud providers like NaviSite offer managed services that include monitoring and security. Enterprise cloud platforms like the Cisco UCS are also architected to be not only scalable and reliable but very secure. They have professionals that are configuring the cloud environment according to your needs, and security options are included. In a physical environment you need experts to set and manage the security, which might cost more and take longer to set up.
In a cloud environment, these security experts that are on staff managing your services make the cloud a more secure environment. Once you set up the needed tools firewalls, load balancers, etc, it is easy to clone them and the initial security patterns are being kept.
Another advantage of the cloud in terms of security is that it is utility based. If you use a managed solution, that is flexible, allowing you to pay for its utility, even if you are a small company, then security should be packaged in.
Basically, the company size does not matter, because the cloud solution should offer you and make you pay for the exact resources that you use. What you pay for might be an added cost for managing the cloud solution and the fees are depending on the kind of management that you use (with built-in security).