The cloud has a major role to play in a two-tier security approach with some recommending that some forms of protection are hosted well away from a customer's network.
Despite the tendency from some users to take an all-or-nothing approach to the cloud there is an increasing realisation that some applications including spam and web filtering can be done more effectively in a hosted environment.
"The cloud is neither more or less secure than what has been done traditionally it's just different," said Rich Mogull, analyst and CEO of Securosis.
He added that in tackling the twin challenges of cloud and mobility the cloud could play a role acting as first line of defence allowing the in-house protection to be much more focused.
Michael Hughes, vice president of worldwide sales at Barracuda Networks, said that it was advising resellers to tell customers that the cloud should be used as part of a security strategy.
He added that although the message about using cloud in the security mix was still gaining ground it made economic sense in many cases for customers to harness the power at their disposal from hosted security services.