Are clouds less secure?

There’s an interesting response from Chris Hoff over at Rational Security to my GigaOm piece about cloud computing and security. Chris makes some great points (and flagged a good study on computer fraud that refutes some of what I said.)

Worth a read. What do you think? Are clouds less secure than in-house computing? The usual answer seems to be “it depends” — but what does it depend on? Can we come up with some rules for what’s safe to do in a cloud and when?

Maybe I can convince Chris to come to Vegas and get into a pointed argument about cloud computing risks.