Encryption keys are saved securely utilizing a hardware security module (HSM), guaranteeing that keys are under no circumstances subjected to the cloud provider service provider. This may be attained by enabling usage of only precise data sets and fields or throughout the obfuscation of data not necessary previous to analysis in other applications