When a cloud provider builds a data center, they do so by putting it in the most affordable or geographically available location. Often, the cloud user is not aware of where their data is being stored. It can be stored in countries that have specific regulations on security and may have access to your information. Moreover, the government in the area where the data center is located now has the means to access your personal data and information. Also, there comes the concern of if your contract remains terminated. Cloud providers are “supposed” to permanently delete your data. But, there are numerous reports of where cloud providers do not rid of your data and store it in a separate data center. There are disputes on who is liable for interruptions, loss of data, cloud outages, and data theft. Cloud providers declare in their agreements that they are not liable or responsible for any of these occasions and they are not liable to reimburse for lost, stolen, or interrupted data. The cloud-based identity management system known as IDMS differs from traditional IDMS in that it requires, provisioning, synchronization, entitlement, scalability, and dynamic governance of access control. In addition, the cloud IDMS needs to update and synchronize the identity information to avoid conflicts caused by the use of old user data. Managing highly sensitive identity information in the cloud environment causes many privacy and confidentiality issues. In addition, the security requirements are different for each CSC. Therefore, it is very important to choose the most appropriate ID management system that best supports CSC's security requirements.