Cloud encryption is the transformation of a cloud service customer's data into cyphertext.
Cloud encryption is almost identical to in-house encryption with one important difference, the cloud customer must take time to learn about the provider's policies
and procedures for encryption and encryption key management. The cloud
encryption capabilities of the service provider need to match the level
of sensitivity of the data being hosted.
Because encryption consumes more processor overhead, many cloud
providers will only offer basic encryption on a few database fields,
such as passwords and account numbers. At this point in time, having the
provider encrypt a customer's entire database can become so expensive
that it may make more sense to store the data in-house or encrypt the
data before sending it to the cloud.
To keep costs low, some cloud providers have been offering alternatives
to encryption that don't require as much processing power. These
techniques include redacting or obfuscating data that needs to remain
confidential or the use of proprietary encryption algorithms created by
the vendor.
In the past, many businesses felt comfortable allowing the cloud provider to manage encryption
keys, believing that security risks could could be managed through contracts, controls and audits.
Over time it has become apparent, however, that cloud providers cannot honor such commitments when
responding to government requests for information.
by
Margaret RouseReference
http://searchcloudstorage.techtarget.com/