King wrote in a blog post published Wednesday that businesses must develop security protocols such as multifactor authentication, role-based access controls, log monitoring, application vulnerability scanning and security governance.
He urged enterprises to provide information on the location of data, in addition to the technical, administrative and physical security measures in place at the site.
King cited a study that indicates outsourced network security and management services are less vulnerable to attacks.
“Most enterprise-class cloud providers have rigorous security methodologies in place (for their own business models to be successful) and in many cases enterprises that outsource to a cloud provider can improve the security controls for their organization,” he wrote.
He also called on enterprises to store certain data in a managed data center and keep client-facing applications in cloud environments.
“The hybrid cloud infrastructure approach allows companies to leverage their existing infrastructure and retain control of sensitive data in-house while using the cloud to realize cost efficiencies and scale,” he said.