Third-party reviews can help, said Dana Simberkoff, Chief Compliance and Risk Officer at Jersey City, NJ-based AvePoint Inc.
"Many leading cloud service providers -- including Microsoft, Amazon and Box -- have already taken steps to document and certify their cloud solutions," she said. "But the obligation still falls on a company to evaluate their cloud provider."
There's also the FedRAMP accreditation program, which certifies that a vendor can secure data in the cloud, said DLT's Rubal.
Finally, there is a growing ecosystem of vendors who provide third-party visibility, security and monitoring services, said Splunk's Merza.
Sign up for CIO Asia eNewsletters.