Before you can mount a defense, you need to know what you’re defending against. And when your data is in the cloud, defense gets more complex. There’s a whole meteorology of cloud risk patterns to analyze, so we’re here to help you focus.

SEE: Essential reading for IT leaders: 10 books on cloud computing (free PDF) (TechRepublic)

Here are five cloud security risks you need to know about:

1. Shared space. Yes, your data is supposed to be in its own container, but that virtual container sits on the same physical machine with many others. Good cloud services take steps to prevent other customers from accessing your container.

2. Encryption. Your data should be encrypted at rest and in transit, even when it’s being accessed by the cloud service’s own applications. Even more often overlooked is what steps cloud providers take when they dispose of your data.

3. Secure transfer. All that encryption means nothing if you access it in an insecure way say with an http command. Make sure your data is always encrypted and authenticated with a standard protocol like IPsec.

4. What about the API? A weak software interface could let someone into all your data, secured or not. Find out what the cloud provider does to lock down its API.

5. The users. We humans are always the weakest point in any security scheme. Find out as much as you can about the people who handle your data for the cloud provider and who at their company has what access. And train your people as best you can not to get phished.

Now you not only know what to be on the lookout for, but you can choose better cloud providers based on how they say they’ll deal with these risks

For more on cloud security, check out these articles: