This question has been brought to light in the wake of the celebrity photo scandal this week.
The answer to that largely depends on how the Cloud service is configured. The recent event with Apple iCloud cannot be entirely blamed on Apple. This was a targeted attack against celebrities and likely targeted their Cloud storage regardless of the vendor that provided it. This should not diminish confidence in the benefits and security that the Cloud can provide. This should, however, raise the issue that all vendors, especially Cloud vendors, must be managed. The Cloud architecture certainly makes information more available than ever before, but the information can be just as secure or more secure than if it were in your own office.
To help in the understanding of the different types of Cloud providers, consider this infographic:
Netgain can be considered a Hosted Private Cloud provider. We segregate the networks and virtual machines of each organization to assure that they cannot mingle. We also do not offer any portion of our offering to the general public. Each segregated segment of our infrastructure is dedicated to a single client and we sign contracts to commit to keeping the information within our control.
Our clients still need to follow strong password practices and avoid falling victim to phishing attacks. While we have measures in place to mitigate risks associated with phishing attacks, nothing is as good as not falling for the phishing attack in the first place.