This document discusses security considerations for cloud and mobile architectures. It notes that internet and mobile device usage has grown dramatically in the past decade. However, many mobile users do not password protect their devices and multi-factor authentication is often not used for mobile apps. The document then discusses issues like mobile device management, OAuth usage for APIs, and approaches for single sign-on for native mobile apps. It advocates for secure data channels and API management to help address vulnerabilities in an increasingly mobile and cloud-centric landscape.