In the aftermath of the rather disturbing "virtual mugging" I referred to earlier, ArsTechnica has an excellent self-audit article, building upon best practices, and the experiences of the victim. It's a must read (and a must do!) for all of us that use cloud services to any extent.
The first step is to determine how securely you've configured your cloud service accounts—and how much interdependency they have. The best passwords in the world won't help if the exposure of just one account by a server hack or social engineering lets a hacker or fraudster bypass the password and your accounts are too heavily connected