Which systems are maintained at the customer's site?

The option identified pertains to Client-Side KMS, which refers to a Key Management System that is operated and maintained at the customer's facility. This setup involves the customer having full control over the key management process, including the generation, distribution, and storage of cryptographic keys used for securing data.

Having the KMS on-site allows for enhanced security measures as customers can enforce their own policies and procedures for accessing and managing keys, reducing the risks associated with external entities potentially accessing sensitive key material. Additionally, businesses that have specific regulatory or compliance requirements often prefer Client-Side KMS since it provides them with greater oversight and governance over their cryptographic keys.

The other options represent systems that either entirely reside in the cloud or suggest a mix with cloud capabilities, typically involving some level of dependency on a third party for management, which would not provide the same level of direct control and security as a Client-Side KMS.