Soon after becoming a publicly traded company, cloud storage solution Box is aiming its guns straight at security-conscious organizations. With its newest feature, dubbed Enterprise Key Management (EKM), Box wants to entice more businesses into the cloud by giving them complete control over their storage encryption keys.
Cloud storage can be incredibly convenient, facilitating file access from anywhere with an internet connection and making collaboration as simple as a couple of clicks. However, it’s traditionally come with some notable caveats; as storage and encryption is handled by a third party, organizations with high security requirements – financial and legal corporations, government institutions, healthcare organizations etc – don’t trust the cloud with important documents.
The company worked in close collaboration with Amazon Web Services (AWS) and Gemalto for its new solution. EKM gives its users (AKA IT departments) control of Hardware Security Modules – dedicated encryption devices – in order maintain authority over all cryptographic operations, audits and access to files. The company says these modules are built to Pentagon security standards.
The process uses a double encryption model: files are protectef with a Box key first, and a customer-managed key second. In other words, Box says it cannot access or otherwise interact with the files, because it never knows that second encryption key managed by the HSM.
By putting encryption into the hands of its customers, Box believes EKM can be the first tool to remove the cloud’s adoption barrier in industries with high security requirements. It means multinational organizations can comply with privacy requirements, law and financial firms can meet security clauses in their client’s contracts, all while having the benefits of cloud storage.
Box EKM is already available in beta form, and will be publicly available in the Spring. The company isn’t disclosing prices yet, but it will vary based on the size of deployment.