One place that the cloud vendors are still playing catch up to the mainframe computing world has to do with security policies and access controls. In many cases, access is an all-or-nothing proposition, meaning that once a user authenticates to the cloud, they have the freedom to do a lot of unintentional damage to start and stop a virtual server or make other mayhem inside the entire cloud environment.
Some cloud providers are better about this than others, and allow virtual networks within a particular environment or other means of segregated access for individual users. There are also third-party security tools, such as Hytrust's Appliance for VMware and Reflex Systems vTrust. Both of these allow more granularity so that users can run the applications on a virtual server but not reconfigure or turn off the server itself.
Hytrust's appliance allows you to set policy rules, so that individual users can't move, stop or otherwise alter a particular running VM.
ITworld contributor, David Strom, provided the response to this question.
This is an excerpt from the article 12 questions to ask your next cloud computing.