As enterprises embark on their cloud computing journey, tactical as well as strategic elements that complement existing security capabilities must be considered. The enterprise must demonstrate legal and regulatory compliance. The key considerations are federation across cloud service providers, protection of information, need to segregate computing environments into trust zones and security business intelligence to support operations, investigations, and forensics. This paper will walk through these four elements in order to provide guidance on some of the extended elements of cloud computing security.