Removable drives are ok but online accounts get hacked all the time and are not safe. If you store it on a removable drive the thief has to a) get the drive b) brute force the password. If you put it online then getting the wallet file becomes that much easier. Your wallet then becomes a brain wallet with a human generated passphrase.
If you set a good enough password, it isn't going to be "brute forced". Mine is a fairly long nonsensical sentence with extra characters and numbers, etc. And remember you would have both a password on the Multibit wallet itself and and also on the file encryption, so that is two they have to break into...and PGP hasn't been broken yet and neither has TrueCrypt to the best of my knowledge.
If you upload it to the cloud, I would zip all of it into one file and encrypt that...change the name to ___.avi or .jpg or whatever and then people wouldn't even know it is a bitcoin related file.
See here on why human generated passphrases or passwords are no match for brute forcing:
https://bitcointalksearch.org/topic/m.3345309