So if cloud storage services are an enabler in your business—either as a platform for the whole company or simply used piecemeal by some employees—then ideally you want to be able to manage the keys. This is usually known as private-key encryption, and is so secure that, for example, as stated by SpiderOak, if you lose the key, they can't help you. It's gone, there's no other way to decrypt it.
This also means, naturally, that should a service be compromised, or the provider receives a legal request, or an employee abuses access, or a third-party buys the company... or any of the things we can't think of—then your data won't be readable. Only you, or your employees, have the key.
Fortunately, a number of cloud storage services do provide private-key encryption. Determining these can be a little like sifting the wheat from the chaff, but beyond explicitly stating it on their web pages there are other tell-tale signs—for example, some services provide an extra layer of protection by scanning uploaded documents with a virus scanner like McAfee. Nice to have, but this could only be possible if the data you're uploading is readable, ergo not private-key encrypted.
See the embedded table for a breakdown of the services that provide private-key encryption. There are a lot of other features to look at too, which we'll get onto in a moment. Even if your business isn't currently looking to use an enterprise class cloud storage solution, with the consumerisation of the workplace where even the best network security doesn't mean much if you have employees uploading data to third-party cloud services from their smartphones over 3G, it helps to be able to set a policy detailing which services are 'safe' for employees to use.