Just read an article from Shad White, CEO of cloudPWR: Double standard–corporate banking transactions, cloud file storage – FierceContentManagement. I like Shad because he cuts through some of the misconceptions, fears and concerns businesses have with being in the cloud.
The Internet and consumer services (particularly social) have brought data security and protection into the mainstream. I agree with Shad that cloud services by themselves aren’t the culprit in data protection problems–a lot has to do with human behavior.
Email attachments have probably been one of the biggest causes of dissemination of sensitive data in the history of computing (I’m being a bit of a hyperbole, but you get the point). What if you had a link to the data instead of the actual document itself? You could then have a security layer over the content (i.e., authentication and authorization — who are you and are you allowed to see this content), yielding better data protection.
To play devil’s advocate, you have to do some vetting of your cloud service providers. With the extremely low barrier to entry for technology companies, you have some risk of “fly by night” providers that may or may not be treating your data right. You’ll have to do some homework (or talk to guys like Shad to help you navigate those waters).