Cloud Encryption

Cloud encryption protects corporate data in the cloud from security breaches, third-party disclosures, and compliance violations

Sensitive data is moving to the cloud at an unprecedented rate and organizations are looking for ways to extend encryption policy controls to new cloud-based systems of record and systems of engagement. Across industries, the average organization uploads 13.9 TB of data to the cloud each month. While an impressive 81.8% of cloud providers encrypt data in transit via SSL or TLS, far fewer (just 9.4%) store data encrypted. According to the Ponemon Institute, the average cost of a data breach is now $3.8 million. Encrypting data at rest is an essential element in a robust cloud data security program to limit the damage of data breaches.




Aside from bolstering the security of SaaS applications, storing data encrypted has another positive side benefit. Numerous regional and industry-specific laws including HIPAA-HITECH require organizations to notify customers whose data has been compromised in a breach. However, if that data has been made indecipherable with encryption, organizations are exempt from these breach notification requirements. Since mandatory breach notifications are often followed by a wave of customer lawsuits, nullifying these requirements with encryption can significantly reduce the cost of a data breach for regulated organizations.

Encryption makes data indecipherable to anyone without access to the encryption keys, but when a cloud provider encrypts your data, administrators at the provider can view your data. The cloud provider may also be compelled by law to provide copies of your data to various governments around the world without notifying you. And in the event of a breach, a cyber criminal who has compromised the encryption keys of a cloud provider can decrypt the stolen data. Encrypting data using your own encryption keys can prevent these scenarios, but just 1.1% of cloud providers support tenant-managed encryption keys. Skyhigh’s cloud encryption gateway can help you protect data with encryption you control.

The Cloud Encryption Handbook

Learn about encryption that supports search and sort, the security trade-offs of each scheme, and the framework for selecting the right scheme for you

Download Now
The Cloud Encryption Handbook

Encrypt data with enterprise-owned keys

Protect structured and unstructured data with standards-based AES encryption, function-preserving encryption, and tokenization, ensuring compliance with HIPAA, HITECH, PCI, the EU Data Protection Directive, and data residency requirements.

  • Preserve application functionality

    Support critical end-user functionality such as search, sort, and format by selecting from academia- and peer-reviewed encryption schemes developed in collaboration with experts in the industry.

  • Own your encryption keys

    Integrate with any KMIP-compliant key management server, enabling you to maintain control of your keys and comply with industry regulations and security policies.

Key Features


Applies standards-based AES or function-preserving encryption to structured and unstructured data using enterprise-owned encryption keys.


Delivers function preserving encryption schemes that are academia and peer-reviewed, preserving end-user functions such as search, sort, and format.


Substitutes sensitive data with randomly generated tokens to keep data on premises, satisfying data residency requirements.


Provides flexible cloud or on-premise deployment options and integrates with leading key management servers supporting the KMIP protocol.

See a Live Demo

One of our cloud enablement specialists would be delighted to show you Skyhigh in action.

Schedule a Demo

Request a Cloud Audit

Get a personalized assessment of all cloud services in use by your employees and their associated risk.

Request a Cloud Audit