Box today announced Box Enterprise Key Management (EKM), a patent-pending solution that’s built for the world’s most security conscious organizations. Box EKM, currently available in beta, enables the deepest levels of control around enterprise content without sacrificing the ease of use and powerful collaboration features of the Box platform. Box is working with Amazon Web Services (AWS) and Gemalto to deliver Box EKM, allowing businesses to maintain exclusive control over their encryption keys.
“Industries like finance, government, legal and healthcare are facing a new set of challenges when it comes to establishing control over their content – and who can access it – without hindering collaboration and productivity,” said Aaron Levie, co-founder and CEO, Box. “With Box EKM, we’ve removed the final barrier to cloud adoption for industries that require the highest levels of protection over their information.”
More than 44,000 paying businesses, including 48% of the Fortune 500 and 32 million users trust Box as their platform for business productivity and enterprise content collaboration. Customers including Toyota Motor Sales, USA, Inc. and the World Bank Group are using an early version of Box EKM.
The traditional approach to customer-managed encryption hinders the mobility, usability and simplicity of cloud-based services that are essential for productivity. Box EKM introduces a straightforward approach to provide businesses with complete single-tenant control over their encryption keys and audit logs. Box, in close collaboration with AWS and Gemalto, provides a reliable and protected key infrastructure via a dedicated AWS CloudHSM appliance in the cloud, and leverages Gemalto’s state-of-the-art tamper resistant SafeNet Hardware Security Modules (HSM) for key encryption and protection. Customers retain full control of their keys and cryptographic operations on the HSM, while Amazon manages and maintains the hardware, with neither Box nor Amazon having access to the keys. This advanced encryption feature set is all available while preserving the hallmark functionality of Box’s core service.
“Companies of every size are now deploying new applications and workloads to the cloud to increase agility, get to market more quickly, and to transform their customer experience,” said Adam Selipsky, Vice President, Amazon Web Services, Inc. “Security is a top priority for us and AWS Cloud infrastructure has been architected to be the most flexible and secure cloud computing environments available today. We’re excited to work with Box to use AWS CloudHSM to drive a new generation of business productivity and collaboration for organizations that require the highest levels of security and regulatory compliance.”
“Information security remains a critical consideration as organizations transition more solutions, services and applications to the cloud,” said Prakash Panjwani, senior vice president of Identity and Data Protection, Gemalto. “Gemalto and Box are providing a trusted solution to protect the most sensitive data for companies and organizations that don’t want to compromise data security and access controls for the flexibility and functionality of today’s most popular productivity tools.”
“In a growing number of scenarios, such as bring your own device (BYOD) and cloud use cases, the only hope for reducing misuse of sensitive data is through reliable and efficient encryption mechanisms,” notes Jay Heiser, research VP, Gartner1. “Buyers of cloud services and mobile devices should demand that providers offer them the option of managing their own encryption keys. Only by managing their own keys can organizations ensure that outsiders are not surreptitiously gaining access to those keys.”
Pricing and Availability
Box EKM is available in beta today and will be generally available Spring 2015. Customers can purchase at an additional price based on size of deployment.