I'm afraid I agree with just about every comment. And for the sake of completeness, I will add that the odds of a security failure are multiplied many times over. I do believe that there is a time and place for almost anything, even cloudish services, but for a business, the problem is the huge number of compounded failure modes.

As most (or all) of us know, at best, these services are sold to businesses by the overenthusiastic, and too often, both sides of the sale are manned by the under-informed. Big firms, of which I am intimate with a few, need to find new products and new pitches, and the new pitch part of that equation is far, far more important than any real "newness" of the product. The cloud falls in this category.

What sensible sounding approaches I have heard regarding "clouds" are those where the principles are pulled into a private data store. At which point one is discussing pretty much the same tools (and concerns) we all have regarding resiliency, redundancy and availability--not a means of ducking responsibility for those three requirements.

I don't care what the contract says, when it comes down to the wire, the cloud purveyor will want to bet that his business can survive the falure of your business--and likely continue to make that same bet until you're gone or you're both over the cliff. The cloud purveyor believes he has to bet on himself--he believes his personal and business survival is more important to him than your survival. Moreover, there is no honor on Wall Street and, consequently, very little in big business. They expect to lose some customers, and that customer they are willing to lose might be you.