I was aware of this (and I think majority of their customers are aware of it). However, majority of companies which use CipherCloud just need to be compliant - in other words that cloud provider (administrator, support etc.) cannot read their data during normal course of operation (answering support questions, etc.).
Lets take an example of HIPAA - the idea of HIPAA is that company managing records needs to track who can see medical data and to detect when unauthorized employees or employees without legitimate cause looks health related records. So my understanding is that if a cloud provider starts decrypting data encrypted via CipherCloud, then that is already criminal act.
Lets take an example of HIPAA - the idea of HIPAA is that company managing records needs to track who can see medical data and to detect when unauthorized employees or employees without legitimate cause looks health related records. So my understanding is that if a cloud provider starts decrypting data encrypted via CipherCloud, then that is already criminal act.