Hi, It may be a stretch wishing for this, but here goes nothing… 
Background
Some organisations have a very hard time accepting their data residing in the cloud.
Main concern may not be data-consistency. (I.e. we trust you that far and the ability to back-up is good enough to cover the rest of our consistency concerns)
Main concern is non authorised access-security, either by some sort of human misstankes, bug - or intentional. The latter is actuality the less concerning.
To but it bluntly: Written guarantees and statements alone may not be enough.
Solution/suggestion
One way to solve this, but still not go for the stone-age on premise approach, is to enable externally provided content encryption. I.e yet another layer on-top of the (I’m sure already) existing layers of security.
(I know this can be done using the API, but it would likely require a complete rework of the web-app and to constantly keep up to date with API changes. It’s way to much work I think. What I’m looking for is a client-side content transformation plug-in ability for fields.)
Another way…
I have experimented with other ways of achieving the same goal: Browser encryption plug-ins.
The plugins I tested were:
The first collaborates with Asana somewhat better.
The results are encouraging, it’s definitely a way to do it. Reason mentioning this is to demonstrate the use-case, but more importantly: Why not to do it and to provide motivations why Asana should support something similar natively instead (as there exists considerations).
Drawbacks/considerations with browser plug-ins
- UX wize, the main trade-off is usability: Key managements and somewhat also how well these plug-in’s work with Asana in various scenarios.
- Sensitivity to Asana presentation changes. If this happens, data will be in-accessible also to the content owner.
- Mobile apps obviously can’t work
- Tool bridges like Unito would not be able to transform between clear-text and encrypted.
Thanks for considering 
//Michael