Multi-Cloud Models Boost Enterprise-wide Encryption Strategies

The number of enterprises that have a consistent, enterprise-wide encryption strategy has increased from 50 percent to 62 percent in the past year, according to the Entrust Global Encryption Trends Study. The driver for this was cited as a desire for greater control of data distributed across multiple cloud environments.

The results demonstrate that companies have not only recognized the security issues, but have addressed them. However, they also reveal gaps in the implementation of encryption solutions within certain sensitive categories. For example, only 34 percent of respondents say they comprehensively encrypt data containers or IoP platforms in each case, and only 31 percent for Big Data repositories. The situation is similar with hardware security modules (HSMs). While these are rated as an important part of an encryption and key management strategy by 63 percent of all respondents worldwide, half say they do not yet have HSMs.

Enterprises transfer sensitive or confidential data to the cloud

The study also shows how the distribution of sensitive data across multiple cloud environments is forcing organizations to increase security in this area. This is especially true for containerized applications, where the use of HSMs is at an all-time high of 40 percent.

More than half of respondents (55 percent) admit that their organization transfers sensitive or confidential data to the cloud – whether or not it is encrypted or made unreadable through some other mechanism such as tokenization or data masking. However, another 27 percent say they will do so in the next one to two years.

Encryption happens first in the cloud

“The proliferation of multi-cloud environments, containers and serverless deployments, and IoT platforms is creating new security challenges for many organizations,” said John Metzger of Entrust. “This is exacerbated by the rise of ransomware and other cybersecurity threats. Enterprises are responding by trying to maintain control of encrypted data themselves – rather than leaving its protection solely to platform providers.”

When it comes to protecting their data-at-rest in the cloud, 44 percent of IT professionals ( compared to 36 percent in 2021) say that encryption is done in the cloud first – with keys generated and managed by the cloud provider. Another 38 percent say their data is already encrypted before it is sent to the cloud – with keys generated and managed by their own company. Another 21 percent use some form of Bring Your Own Key (BYOK).

Study methodology

The “2022 Global Encryption Trends Study” is based on research by the Ponemon Institute and captures how global encryption use has evolved over the past 17 years – taking into account the impact on the overall state of security. The study surveyed 6,264 IT professionals from various industries in 17 countries/regions.