Data encryption and decryption, using keys, have long been available for protecting data. Secure storage systems store data in encrypted form, and secure communications send and receive data in encrypted form. Key management interoperability protocol is applied in many systems for managing keys. However, storage of all data in a storage system under a single key makes the storage system vulnerable to theft of that key. And, decrypting and re-encrypting data when multiple keys are in use in communications and storage is resource intensive and time-consuming, producing system bottlenecks. Also, decrypting and re-encrypting data for data migration, backup and/or restore operations is problematic. Therefore, there is a need in the art for a solution which overcomes the drawbacks described above and improves protection of user data that is moved from one location or system to another and stored.