Digital transformation is a persistent trend that has resulted in fundamental shift in storage, access, and management of digital assets. This shift is particularly noticeable for the most prized asset: an organization’s sensitive data. Sensitive data used to reside in controlled on premises enterprise data centers protected by both physical and logical security controls. Although, until recently it was unthinkable to trust a third-party with such data, organizations are now accelerating the migration of their workloads and data to the cloud. According to the Thales 2019 Global Data Threat Report1 , over 40% of organizations now store their sensitive data using infrastructure (IaaS), platform (PaaS) or software (SaaS) services of public Cloud Service Providers (CSPs), such as Amazon Web Services, Microsoft Azure, and Google Cloud. This change, though initially driven by economics, has delivered greater flexibility and elasticity in management of computing and storage resources. A clear casualty of this change has been the traditional method of data security that relied on a well-defined network perimeter to protect data.