Don't miss an insight. Subscribe to Techopedia for free.


What are some best practices for cloud encryption?

By Justin Stoltzfus | Last updated: March 24, 2022
Made Possible By Turbonomic

With so many companies moving data to the cloud in one way or another, encryption has become a major part of the overall effort of providing cloud security. Many of the biggest questions that companies have are around security, because there are so many risks and liabilities around cyberattacks.

One of the major components of improving cloud encryption involves talking to cloud providers and vendors. Because so much of the actual architecture is on the vendor side, many of the best practices that client companies can comply with involve talking in-depth with vendors and inspecting the vendor's security processes.

Companies should review a service-level agreement (SLA) very closely and ask for a security architecture plan from the vendor to actually see how the vendor's security works. Potential customers should discuss different types of security – security for the perimeter of the network, and segmentation or segregation inside the network, as well as endpoint security, where that is applicable.

In terms of actual encryption strategies, some guidelines can help to perfect how encryption secures data in the cloud. There is the principle of decentralization for the encryption mechanism, and the concept of multiple encryption processes, and there is the principle of good user authentication and the use of audit logs to track network events.

Another type of encryption best practice involves managing multiple encryption keys. This varies according to the architecture – for instance, key management is different for public, private and hybrid cloud setups. Customers should understand when encryption keys are held by the vendor, and when they are held by the client, and how this serves a particular type of security strategy.

By connecting with the vendors on a very detailed level, and discussing the actual nuts and bolts of cyber security architecture, companies can be better served by processes that will take their internal data and host it in the vendor’s cloud services. Some experts recommend having point people to work back channels of communication in order to capably support these cloud partnerships and make sure that security is a sufficient part of the cloud implementation process.

Share this Q&A

  • Facebook
  • LinkedIn
  • Twitter


Cloud Computing Cybersecurity Data Management Emerging Technology Identity & Access Governance

Made Possible By

Logo for Turbonomic

Written by Justin Stoltzfus | Contributor, Reviewer

Profile Picture of Justin Stoltzfus

Justin Stoltzfus is a freelance writer for various Web and print publications. His work has appeared in online magazines including Preservation Online, a project of the National Historic Trust, and many other venues.

More Q&As from our experts

Related Terms

Related Articles

Term of the Day

Database Management System

A database management system (DBMS) is a software package designed to store, retrieve, query and manage data. User...
Read Full Term

Tech moves fast! Stay ahead of the curve with Techopedia!

Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.

Go back to top