You are here:  Home  >  Education Resources For Use & Management of Data  >  Data Daily | Data News  >  Current Article

Will Companies Embrace Box’s Enterprise Key Management Service?

By   /  February 17, 2015  /  No Comments

bxby Angela Guess

Francesca Sales of Search CIO reports, “Box thinks it might have just the thing to put your cloud security worries to bed. This week, the cloud storage and file sharing company, based in Los Altos, Calif., announced a new service, called Enterprise Key Management (EKM), which would give companies more control of the encryption of their own data using a public key program.How it works, according to SearchSecurity: EKM runs on a SafeNet hardware security module (HSM) that is placed inside an enterprise’s own AWS instance, called CloudHSM, so users can manage their own encryption keys in their data center. Before Box can encrypt or decrypt any file, it needs to request permission directly from the customer using open APIs on its HSM; the module then logs the request in an unchangeable audit log for the user’s own compliance purposes.”

Sales goes on, “This gives customers control of when Box can access their data and prevents the vendor from being able to send that data to a third party without the customer’s knowledge. This is very layered security, the strictness of which might make some wonder how EKM affects Box’s built-in functionality and user experience. And indeed, one way Box and other cloud vendors had already been doing encryption — going through a third party — does sometimes break these capabilities. ‘You would go to a third party, who would encrypt the data before it got up into Box. But that would break all of Box’s innate, built-in functionality, because it couldn’t see the data — the data was just a blob,’ Tyler Shields, a senior analyst at Forrester, told me. The other extreme, however — giving Box access to and control of your encryption keys — is not that much more appealing. ‘You essentially had to trust [Box] not to do anything bad,’ he said.”

Read more here.

photo credit: Box

You might also like...

Data Strategy vs. Data Architecture

Read More →