"Your company has decided, quite sensibly, that it wants to move its application infrastructure to a data centre rather than living with the risk of an on-premise approach."
Out of curiosity, how does adding one or more levels of abstraction make for a more sensible approach to corporate security?
Not trying to needle anybody, I'm truly curious where this mind-set comes from. Can anyone explain the concept in a way that makes sense to this jaded old sysadmin?