Skip to main content
Unsere Website gibt es auch auf Deutsch - w├╝rden Sie gerne zu dieser Version wechseln?Zur deutschen Version wechseln

Cloud encryption - client-side vs server-side

1 min read  •  September 02, 2013

The uncertainty over whether to transition to the Cloud seems to be dwindling as predictions by Gartner1 estimate 60% of server workloads will be virtualized by 2014. How secure our data is, and what measures can we take to protect our files, are now the questions at hand.

Security configurations operated by either the client2 or the server3 ensure the protection of data in both storage and transit by encrypting the uploaded files. Encryption of data is an essential security tool for organizations using the cloud. But there are significant differences between these two configurations, which could put your data at risk.

Server-side encryption manages your encryption key along with your data, encoding the information once it is uploaded to the provider. In comparison to client-side encryption, this method limits the complexity of the network environment whilst maintaining the isolation of your data. However the key material to encode and decode is stored together with the information it is employed to protect, leaving the data vulnerable to anyone trying to access it. Providers may agree to keep your data confidential, but can use the data for their own use, for example to improve search results or deliver advertisements. For this reason, some servers will resist to use client-side encryption. The Cloud Security Alliance reported management operated from cloud providers hosting the data prevents providers from unauthorized disclosure of customer data, and advised customers to retain complete control. This can be achieved by using client-side encryption methods.

"Zero-knowledge service", known as client-side encryption, allows you to maintain the keys (passwords) without the management of the server. The ability to decrypt files is only possible using the key created by the individual user. Data is therefore protected against law enforcement requests, as providers do not have access to the encrypted files. With individual-user power comes also responsibility; good key management and data backup should be implemented, as passwords cannot be retrieved when lost (in most cases).

1 Gartner is the world's leading information technology research and advisory company. For more information visit:
2 A Client is a computer who initiates contact with a server
3 A Server is a computer system that shares its data.
Rate this article?
26 Reviews / 4.9 Stars
Almost finished...Please click the link in the email and confirm your email adress to complete the subscription process.
Never miss a post. Get awesome insights in your inbox.
Steffen Tietz
About the Author:
Steffen is the CTO of Stackfield. He likes to tackle challenging problems of complex systems and long stages on the bike.
Display Comments (powered by Disqus)