Nowadays, users are delegating the data storage to cloud services, due to the virtually unlimited storage, change history, broadband connection, and high availability. Despite the benefits and facilities, it is necessary to pay extra attention to data confidentiality and users' privacy, as numerous threats aim to collect such information in an unauthorized manner. An approach to ensure data confidentiality is the use of client-side encryption, with the user taking control of the encryption keys and defining which files or data will be encrypted. This scheme is already explored by many applications on personal computers and also as a native feature in some smartphone operating systems, but are still susceptible to certain types of attacks. Aiming to improve the security of the client-side encryption approach, we propose to apply the Intel Software Guard Extensions (SGX) to perform data sealing, creating a secure vault that can be synchronized with any cloud storage service, while relying on the SGX to protect the key handling. To validate our proposal, we build a proof of concept based on the Cryptomator application, an open-source client-side encryption tool specially designed for cloud storage services. Our results show an overall performance better than the original Cryptomator application, with stronger security premises. Thus, our solution proved to be feasible and can be expanded and refined for practical use and integration with cloud synchronization services.