Cloud security should never be a developer issue