Box has been talking for more than year about letting its customers manage their own encryption keys, allowing them to store data in the cloud while maintaining control over who gets to access it.
This isn’t a straightforward problem to solve, because Box’s whole business is built on making it easier to share data and collaborate. The strictest security controls could eliminate the reason 44,000 companies are paying Box.
Today, Box says it has a new product that gets the job done. Called “Enterprise Key Management (EKM),” the service puts encryption keys inside a customer’s own data center and in a special security module stored in an Amazon data center. The Box service still must access customer’s data in order to enable sharing and collaboration, but EKM makes sure that only happens when the customer wants it to, Box says.