Last week, the Cloud Security Alliance released v2.1 of their security guidance. Rich Mogull was one of the two editors, and I was the outside reviewer. Securing applications and systems which are in someone else's possession is quite a challenge, and hopefully these guidelines will be useful for addressing the profound challenges.