pie chart of who manages encryption keys for encrypted data in the cloud

Encrypting data in the cloud: Whose job is it?

A surprising one-third of organizations who are moving sensitive data to a cloud environment said it is the cloud provider’s responsibility to protect the data, according to a survey done by the Ponemon Institute for Thales e-Security.

Who manages encryption keys for encrypted data in the cloud?

29% Data owner
26% Data owner and cloud provider
23% Cloud provider
21% Third-party service
1% Other

The findings, reported in Global Trends in Cloud Encryption, show a high level of faith in providers’ ability to do this, with 57 percent of respondents either agreeing or strongly agreeing that they are capable. Despite this faith, 68 percent of respondents using the cloud encrypt their sensitive data before it leaves home, either in transit or for storage in the cloud.

Where is encryption applied to protect data in the cloud environment?

37% Data owner encrypts it in transit to cloud
31% Data owner encrypts it before sending to the cloud
11% Cloud provider encrypts it in the cloud
11% Data owner encrypts it in the cloud
10% Not applicable or none of the above

The study surveyed business and IT managers from 4,205 organizations in the United States, the United Kingdom, France, Australia, Japan and Brazil. The United States was the best represented country, with 938, or 22.3 percent, of the respondents. Eleven percent of respondents were public sector, including federal, state and local government.

Convenience and functionality apparently trump security in making cloud decisions. Although 53 percent of respondents now transfer sensitive data to the cloud and another 31 percent say they are likely to in the next two years, there is a significant level of concern about this trend, with 35 percent of those using the cloud now saying it has decreased their level of security. Only 15 percent feel it has increased security.

About the Author

William Jackson is a Maryland-based freelance writer.


  • 2020 Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected