Is your data safer with a 3rd party then you?

In a comment to my article on security and control today, someone from Salesboom.com (I don't know this company, so am not biased one way or another here), comments that most companies would do a better job trusting their data to a 3rd party SaaS vendor than trying to secure it themselves.  He made another point about what is important to customers according to a recent study.  OK, thanks for the comment, let me respond.

On the issue of a 3rd party company being safer than yourself, I disagree.  The reasoning cited is that after all, these companies are not in the business of security, but rather in the business of selling something. OK, so are you telling me that salesboom.com or whoever are in the business of security?  Excuse me but it looks like you are in the CRM business and at best security is a factor you will look into depending on how important it is to the customer paying you.  This does not put you in any better position to secure my data than I can.  Except when I am in control, I can directly decide how I want to manage that risk.  This leads to the second point about how important security is to customers.  This goes to the heart of my earlier article and the blog from nCircle.  If security is not important to you, then of course you are going to be more willing to look as SaaS.  If it is, I think you need to look long and hard at this and put your vendor to the test regarding their security.  Especially if their are compliance issues at play.  Just because you outsource, does not let you off the hook!