Box KeySafe Lets Users Manage Encryption Keys Without Dedicated Hardware

Box is letting customers manage their own encryption keys without need for a dedicated hardware storage module (HSM), allowing businesses of all sizes to secure their content in the cloud without compromising any functionality of the cloud platform.

Customers have been able to manage their own keys since last year with the launch of Box Enterprise Key Management (EKM) which used a dedicated Amazon Web Services (AWS)-powered CloudHSM appliance in the cloud protected by Gemalto’s SafeNet Hardware Security Modules.

Box Keysafe

Box KeySafe is available in two flavours; one which uses a dedicated HSM and one which uses a software-based technique powered by AWS Key Management Service. Box claims configuration with the latter can take just half an hour.

Regardless of which option is chosen, neither Amazon nor Box have access to the keys and customers maintain control over key policies and usage logs to ensure proper access to encrypted data.

This, it is hoped, will encourage more firms in regulated industries to adopt Box services, particularly those in finance, government, legal and healthcare which have to manage particularly sensitive data.

“Businesses of every size across even the most regulated of industries can now take full control of their data in the cloud with Box KeySafe,” said Aaron Levie,Box CEO. “Today, we’re making customer-managed encryption easier to deploy and more cost-effective than ever before, further raising the bar for security in the cloud.”

Box KeySafe with AWS CloudHSM is available immediately and Box KeySafe with AWS Key Management Service will be available next month.