Ensuring effective controls for cloud providers to understand where data is stored and pinpoint liability