Cloud services have gained popularity due to the number of advantages they provide to organizations and individuals such as reduced cost, better storage, and improved performance. However, a lot of organizations are still unwilling to shift their traditional in-house services to the Cloud due to the various security implications. Many Cloud service users are worried about the security of their data and privacy being violated. There are many reported cases of Cloud service providers illegally collecting personal data of their customers, which has led to service providers being viewed with greater suspicion than before. To overcome this, Cloud service providers must ensure that they inform the users exactly about which data is being used and how it is used. While it is the duty of the Cloud service provider to protect the data confidentiality and privacy of their customers, this should not be misunderstood or misused by customers to conduct illegal activities because Cloud service providers have to abide by the rules and regulations, including co-operating with law enforcement agencies if they need any particular customer’s data. In this paper, we research the main security aspects for ensuring data confidentiality and
privacy.