What makes you think you're going to be able to secure your snowflake instance of Asana in a heterogenous environment better than they can where the costs of getting it wrong are the death of the company?
An effort to break into a large cloud company storing thousands of interesting accounts has a bigger payout. Attempts to attack such a service will be made more often and with more sophistication than attacks on a smaller company only having one set of potentially interesting secrets.
If your company really values its corporate info so much, it likely already has policies and expertise to secure its own servers. If not, maybe a cloud instance is safer.
An effort to break into a large cloud company storing thousands of interesting accounts has a bigger payout. Attempts to attack such a service will be made more often and with more sophistication than attacks on a smaller company only having one set of potentially interesting secrets.
If your company really values its corporate info so much, it likely already has policies and expertise to secure its own servers. If not, maybe a cloud instance is safer.