A few brilliant sites:
a. CSO online has great material on good options for securing the cloud. here
b. OpenVPN Access Server seems like a good to use VPN if one wants a VPN connection to protect the machines from the internet. [They have an AMi that is optimized for AWS too! Yay!]
c. Cipher cloud, Porticor etc seem to do a decent bit as far as tokenizing data and encrypting them is concerned.
I am looking at Veeva, Ravello and such too. [I remember that AWS provided one more solution for inter-subnet data transfer at cheap rates w/o passing the internet. Is it Vyatta? ?Need to check.
What is being used otherwise? Tips and tricks should always help!