Box offers secure encryption key management in the cloud


Enterprise collaboration vendor Box has announced an Enterprise Key Management (EKM) offering, which is designed to enable organisations to maintain exclusive control over encrypted content in the cloud.

Box EKM provides businesses with single-tenant control over their encryption keys and audit logs using a cloud-based protected key infrastructure, supplied via a dedicated Amazon Web Services (AWS) CloudHSM appliance.

AWS manages and maintains the hardware, with neither Box nor Amazon having access to the keys. The new offering also uses Gemalto’s SafeNet Hardware Security Modules (HSM) for key encryption and protection.

More traditional approaches to customer-managed encryption “hinder the mobility, usability and simplicity of cloud-based services that are essential for productivity”, said Box.

“Industries like finance, government, legal and healthcare are facing a new set of challenges when it comes to establishing control over their content – and who can access it – without hindering collaboration and productivity,” said Aaron Levie, Box co-founder and CEO.

“With Box EKM, we’ve removed the final barrier to cloud adoption for industries that require the highest levels of protection over their information.”

Customers including Toyota Motor Sales, USA, Inc. and the World Bank Group are using an early version of Box EKM, said the company.

“Companies of every size are now deploying new applications and workloads to the cloud to increase agility, get to market more quickly, and to transform their customer experience,” said Adam Selipsky, VP of Amazon Web Services.

“We’re excited to work with Box to use AWS CloudHSM to drive a new generation of business productivity and collaboration for organisations that require the highest levels of security and regulatory compliance.”

“Information security remains a critical consideration as organisations transition more solutions, services and applications to the cloud,” said Prakash Panjwani, senior VP of Identity and Data Protection, Gemalto.

“Gemalto and Box are providing a trusted solution to protect the most sensitive data for companies and organisations that don’t want to compromise data security and access controls for the flexibility and functionality of today’s most popular productivity tools.”

“In a growing number of scenarios, such as bring your own device (BYOD) and cloud use cases, the only hope for reducing misuse of sensitive data is through reliable and efficient encryption mechanisms,” said Jay Heiser, Research VP at analyst group Gartner..

“Buyers of cloud services and mobile devices should demand that providers offer them the option of managing their own encryption keys. Only by managing their own keys can organisations ensure that outsiders are not surreptitiously gaining access to those keys.”

About Author

Chris Middleton

Chris Middleton is a widely respected business and technology journalist, author, and magazine editor. In recent years he has been Editor of Computing (where he remains Consulting Editor); co-founder and Managing Editor of Professional Outsourcing – a magazine he developed from scratch and grew to be the leading magazine in its field; Editor of CBR in its most successful year; and co-founder and launch Editor of Today, he is co-Director of EastwoodMiddleton Publishing, and founder, designer, and Editor in Chief of Strategist magazine (UK), the boardroom magazine that provides strategic insight for business leaders, and of its mobile-first digital edition at He is also co-founding Editor of Child Internet Safety magazine, and a contributing Editor of Over the years Chris has also written for, among many others, The Guardian, The Times, the BBC, and Computer Weekly. He is the author of several successful books on digital media, and a commissioning editor of more than 50 books.