diff --git a/tests/test_storage.py b/tests/test_storage.py
index d92acc0..9d09d20 100644
--- a/tests/test_storage.py
+++ b/tests/test_storage.py
@@ -146,6 +146,7 @@ async def test_can_get_crypto_from_s3(self):
 b"ACME-SEC2",
 "application/text",
 "http://my-site.com",
+ False
 )
 data = await storage.get_crypto(filepath)
@@ -163,6 +164,7 @@ async def test_can_get_detector_data_from_s3(self):
 b'{"some": "data"}',
 "application/text",
 "",
+ False
 )
 data = await storage.get_detector_data(filepath)
diff --git a/thumbor_aws/result_storage.py b/thumbor_aws/result_storage.py
index 6d67f75..f6a372a 100644
--- a/thumbor_aws/result_storage.py
+++ b/thumbor_aws/result_storage.py
@@ -69,6 +69,13 @@
 "AWS Result Storage",
 )
+Config.define(
+ "AWS_RESULT_STORAGE_S3_SSE",
+ False,
+ "Use server side encryption for result storage.",
+ "AWS Result Storage",
+)
+
 class Storage(BaseStorage, S3Client):
 def __init__(self, context):
@@ -143,6 +150,7 @@ async def put(self, image_bytes: bytes) -> str:
 image_bytes,
 content_type,
 self.context.config.AWS_DEFAULT_LOCATION,
+ self.context.config.AWS_RESULT_STORAGE_S3_SSE,
 )
 logger.info(
 "[RESULT_STORAGE] Image uploaded successfully to %s", file_abspath
diff --git a/thumbor_aws/s3_client.py b/thumbor_aws/s3_client.py
index d071a07..e2b4251 100755
--- a/thumbor_aws/s3_client.py
+++ b/thumbor_aws/s3_client.py
@@ -104,9 +104,9 @@ async def upload(
 data: bytes,
 content_type,
 default_location,
+ encryption
 ) -> str:
 """Uploads a File to S3"""
-
 async with self.get_client() as client:
 response = None
 try:
@@ -114,10 +114,12 @@ async def upload(
 "Bucket": self.bucket_name,
 "Key": path,
 "Body": data,
- "ContentType": content_type,
+ "ContentType": content_type
 }
 if self.file_acl is not None:
 settings["ACL"] = self.file_acl
+ if encryption:
+ settings["ServerSideEncryption"] = "AES256"
 response = await client.put_object(**settings)
 except Exception as error:
diff --git a/thumbor_aws/storage.py b/thumbor_aws/storage.py
index 6a97b41..6c05d5a 100644
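Review bot: The description string on `AWS_RESULT_STORAGE_S3_SSE` does not say which encryption mode the flag selects or that it is off by default; going by the upload() change in thumbor_aws/s3_client.py it sends `ServerSideEncryption=AES256` (SSE-S3) and nothing else. I would word it as `"Send ServerSideEncryption=AES256 (SSE-S3) on result storage uploads; off by default."` so operators whose bucket policy expects `aws:kms` know this flag will not satisfy it. The same applies to `AWS_STORAGE_S3_SSE` in thumbor_aws/storage.py.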
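Review bot: `encryption` is added to upload() as a required positional parameter with no annotation or default, so any caller that was not updated in this commit now fails with a TypeError, and the bare `False` at the call sites in tests/test_storage.py does not say what it switches. Declaring it as `encryption: bool = False,` keeps existing callers working and would make the test edits unnecessary; the new call sites in result_storage.py and storage.py would read better passing it by keyword. The docstring `"""Uploads a File to S3"""` could also mention that a true value requests SSE-S3. The body of upload() continues outside this hunk.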
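Review bot: The new `if encryption:` branch is not exercised by the test changes in this commit, which pass `False` at both updated upload() calls, so a typo in the `ServerSideEncryption` key or its value would go unnoticed. A test that uploads with `True` and checks that `head_object` reports `ServerSideEncryption` equal to `AES256` would pin the behaviour. Dropping the trailing comma after `"ContentType": content_type` is unrelated to the feature and only adds noise to the diff. The `try` block continues outside this hunk.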
--- a/thumbor_aws/storage.py
+++ b/thumbor_aws/storage.py
@@ -68,6 +68,13 @@
 "AWS Storage",
 )
+Config.define(
+ "AWS_STORAGE_S3_SSE",
+ False,
+ "Use server side encryption for storage.",
+ "AWS Storage",
+)
+
 class Storage(storages.BaseStorage, S3Client):
 def __init__(self, context):
@@ -100,6 +107,7 @@ async def put(self, path: str, file_bytes: bytes) -> str:
 file_bytes,
 content_type,
 self.context.config.AWS_DEFAULT_LOCATION,
+ self.context.config.AWS_STORAGE_S3_SSE,
 )
 return path
@@ -121,6 +129,7 @@ async def put_crypto(self, path: str) -> str:
 key,
 "application/text",
 self.context.config.AWS_DEFAULT_LOCATION,
+ self.context.config.AWS_STORAGE_S3_SSE,
 )
 logger.debug("Stored crypto at %s", crypto_path)
@@ -136,6 +145,7 @@ async def put_detector_data(self, path: str, data: Any) -> str:
 details,
 "application/json",
 self.context.config.AWS_DEFAULT_LOCATION,
+ self.context.config.AWS_STORAGE_S3_SSE,
 )
 async def get(self, path: str) -> bytes:
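Review bot: put_crypto() sends `key` through the same opt-in flag as ordinary images, so with `AWS_STORAGE_S3_SSE` at its default of `False` the request carries no `ServerSideEncryption` setting and at-rest protection of that object rests on the bucket's own default encryption. If `key` is the signing key (its origin is not visible in this hunk), a comment such as `# key material: SSE follows AWS_STORAGE_S3_SSE, otherwise the bucket default applies` above the call would make that dependency explicit. The function body starts outside the hunk.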