Putting it in the hands of a third party - outside the firewall, on multi-tenant boxes - emerged as a security risk too far in survey after survey, despite widespread awareness of the cloud's potential to deliver business benefits, cost savings and strategic opportunities.

The cloud has evolved. Public clouds have been joined by private clouds, and hybrid clouds, and other variations on the theme, and use of them is increasing.

However, finance chiefs remain cautious. When a recent Deloitte survey found half of CFOs using cloud computing or planning to within two years, a whopping 89 percent were, perhaps understandably, still citing data security as their main reason for holding back. Meanwhile, uncertainty about the location of data concerned just 44 percent, and legal issues 40 percent - and this may need to change.

"This is a complicated area," says Alistair Maughan, a partner at the international law firm Morrison Foerster.

The explosion in cloud computing has increased use of third party service providers, and some of them in turn use other third party providers to host and backup data, so its physical location can be hard to pin down (a problem), as can the legislation that applies to it and the jurisdictions in which this can apply (another problem).