Application should include
cloud security controls
third-party cloud security solutions.