BoxEKM gives businesses control over encryption keys


Box already encrypts data in transit and data stored on its servers. That encryption isn’t good enough for some industries or businesses, though. Box owns the encryption keys, so Box can decrypt or access that data.

Box removed that hurdle with the announcement of BoxEKM. The new offering gives Box customers a secure way to manage and control their own encryption keys. Check out this blog post about BoxEKM:

One of the most effective ways to protect data is to encrypt it so that only those with the proper keys can decrypt or access it. It’s also important to control who has access to those keys. Box Enterprise Key Management is a new offering from Box that enables customers to manage and control their own encryption keys.

Box has encrypted customer data all along. Data is encrypted in transit to prevent it from being hijacked or intercepted. Data is encrypted on the Box servers to prevent unauthorized access. Box also maintains ownership of those encryption keys, which is a problem for some companies.

Some industries have strict regulations in place and compliance requirements that prevent companies from moving to a cloud storage solution like Box. Aaron Levie, co-founder and CEO of Box, explained in a blog post why this is an issue. “This has unfortunately led many large businesses to stay with on-premises systems to manage their critical content and information, reducing mobility and easy collaboration, and keeping enterprise IT architectures stuck in the past.”

Box EKM removes that final barrier to cloud adoption. Box EKM customers get their own hardware security module (HSM) from SafeNet—a dedicated appliance that protects the encryption keys. The appliance is hosted in the cloud through Amazon Web Services with another HSM in the customer’s local datacenter, as a backup. The customer is responsible for managing the HSM. Box can only access files for customer-approved requests, and a secure log of all encryption key transactions is maintained as an audit record.

Learn more about BoxEKM in this CSOOnline post: Box offers customers better data protection with Enterprise Key Management.


About Author

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 3 dogs, 4 cats, 3 rabbits, 2 ferrets, pot-bellied pig and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.