Depends on your use case and threat model, really. The company I work for maintains a fleet of jailbroken phones. This is a difficult proposition to scale, so we're always on the lookout for alternatives, but we evaluated a major cloud emulation player and decided against it for reasons that had nothing to do with security.
I imagine the thought process is totally different if you're doing security research, though.
Are you talking about Corellium? That runs on custom hardware that is merely accessible through the web. And presumably you're not using it for your day-to-day web browsing or email…
I imagine the thought process is totally different if you're doing security research, though.