Most web based software stores data that you supply with them for your to manipulate inside of their systems. It makes life easier for the users of the software. But whose data is it?
It belongs to to the individual that caused the data to be input. Web based CRM and ILM tools are the biggest ones used in our industry. While some are client based, you have to install software on your computer to interface with their system, most of the data is stored on someone's system that you do not control.
In the event of software managed locally on your corporate mainframe you control you still need to make sure that your data is protected. We have all heard the stories of credit card processing companies, the Veteran's Administration and others having internal and external data compromises.
Not only do you need to have trusted people managing this information you must make sure that you maintain physical back ups of all of your proprietary data. Back it up and store it somewhere besides on your local machines.
There are many online data storage companies that can help with this in addition to having physical hard copies on tools such as cds, usb drives and external hard drives.
Don't think there is much risk in not doing it? Finding out the hard way will be more devastating than learning to set up the process for the tools that you use...