With today’s encrypted volume technology, all you need is a single username/password or private key to unlock the drive. And once someone has unlocked it, they have access to all the data on the drive. No fine-grained access control or entitlements. Bottom line: sometimes you can secure your data in motion with SSL and your data at rest with encrypted volumes in the Cloud, but even when you combine both approaches, you still have holes a hacker can drive a truck through.
Read the entire post at http://www.devx.com/blog/in-the-cloud-encryption-in-motion-encryption-at-rest-not-good-enough.html.