This is a telling and scary article around the cracking of Twitter by “Hacker Croll”.

http://www.techcrunch.com/2009/07/19/the-anatomy-of-the-twitter-attack/

Now going back to Hacker Croll and his list of Twitter employees and other information. Twitter just happens to be one of a number of a new breed of companies where almost the entire business exists online. Each of these employees, as part of their work, share data with other employees - be it through a feature of a particular application or simply through email. As these users become interwoven, it adds a whole new attack vector whereby the weak point in the chain is no longer just the weakest application - it is the weakest application used by the weakest user.

[Emphasis mine]

If you intend to interweave your business with online (cloud) apps and you don’t intend to impose strict security guidelines on your employees then your company is open to EXACTLY this sort of attack.

Keep critical business docs locked down.

Put a wall up between you and the cloud.