Gartner Research

Enabling High-Risk Services in the Public Cloud With IaaS Encryption

Published: 30 May 2014

ID: G00259591

Analyst(s): Joerg Fritsch


The promise of encrypting data at rest in IaaS is to ensure that no other organization can benefit from your intellectual property. To do this, security and risk management professionals need to make candid trade-offs among confidentiality, resilience and trust.

Table Of Contents


  • Confidentiality vs. Resilience
  • IaaS Encryption Key Management


  • Issues and Concerns
    • Data-in-Use Exposure: Limitations of IaaS Data-at-Rest Encryption
    • Resilience and Availability: Impact of IaaS Data-at-Rest Encryption
  • Architectural Approaches
    • Where Encryption Keys Are Managed: The Location of the KMS
    • Where the Encryption Keys Are Used: Client-Side vs. Gateway-Based Encryption


  • "You Should Consider … If …"
    • On-Premises Encryption Key Management
    • KMS-VM-Based Encryption Key Management
    • Cloud-Based HSM
    • Key Management SaaS Solution
  • Build Windmills, Not Walls: Time for an In-Depth Encryption Approach

The Details

  • Drivers for IaaS Encryption
    • You Simply Have to Do It
    • You Truly Believe That Encryption Helps Against a Certain Type of Attack
    • You Bought Snake Oil
  • IaaS Encryption Market Segment
  • Targets of IaaS Encryption
    • Full-Disk Encryption
    • Block-Level Storage
    • File-Level Encryption
    • Object Storage
  • Vendors


Gartner Recommended Reading

©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.