I hope this is the right forum to post this query. We are software development company. We plan to host some web solutions for our customers at our data center. I would like to know what the security considerations (like regular Vul. assesement/Pen tests, patching systems etc) that needs to be taken into account before hosting any web applications at our data center. We are planning to have a policy for the same. Any web based resources could be useful.