The cloud is compelling and in many cases necessary for organizations to effectively operate. Cloud security, on the other hand, is not as clear. Many cloud services need a hook into the on-premises environment in order to synchronize users and groups. Additionally, cloud security controls vary by the provider in availability, capability, and cost. This results in a disjointed view of user authentication, security, and potential configuration issues. This talk explores some common cloud configuration scenarios and associated security issues.