Cloud providers use asymmetric cryptography throughout their services. The public and private keys are generated. You keep the private key, so the service does not have a copy. The service holds the public key. Communication using public/private key is secure and has never been broken.

The cloud provider could publish the public key in tomorrow's newspaper and it would not matter; the encryption cannot be broken with just the public key. It may seem counterintuitive that a public key is used to encrypt data but cannot be used to decrypt it. But it works.

Every time you visit a website starting with HTTPS:, a public/private key encryption is being used. It is the basis of SSL and TLS encryption, which is employed for HTTPS communications.

You will use the public/private keys often for IoT analytics when you build secure processes. Think of it like a username and password for your analytics, but better. Cryptography is a fascinating subject (for some of us at least); read up on it for more details. Otherwise, take it on faith that it is all good - it is!