Data Backup Digest

Do-It-Yourself Windows File Recovery Software: A Comparison

results »

Box Introduces Enterprise Key Management for Enhanced Security

Box is one of the many cloud storage services out there on the market. After years of tackling private consumers, these cloud services have recently begun heavily targeting their business users. It was discovered that this is where the true value and money lies.

However, there has always been one major factor in cloud storage that has been holding businesses back. And that’s the perceived lack of security. If data is stored physically and offline, there’s no way that someone can infiltrate to that data through the internet. That changes entirely when it’s then stored online.

Businesses rely on data for the upkeep of their business, but the security concerns go beyond that – for example, trade secrets could be stored within digital data that would be disastrous if they were to get out. Box hopes to change that with their latest announcement.

In early February, Box announced that they’ve integrated a new technology into their service that adds a new protective encryption layer to their storage. Box is hoping that, if this works, major industries like healthcare and finance will begin to store their data on the service.

“Classified data hasn’t moved to the cloud,” said Aaron Levie, the chief executive and co-founder of Box. “We’ve added another layer of security to address that.”

Box already encrypts the data that it stores and it viruses scans it too. However, this new security goes one step beyond that. Box is calling the service Enterprise Key Management (EKM) and it uses a public key program, which is essentially encryption that is extremely difficult to break.

The service comes less than a month after Box went public on the stock exchange. At the moment, the feature is still in beta, but it has been created to give businesses exclusive control over their encryption keys. The technology was developed with security company Gemalto and Amazon Web Services.

When data is uploaded it is then encrypted with a unique key for that specific file. The standard system is a file-specific key that is encrypted by an internal key-management system. This new feature puts that power in the hands of the customer.

Using software inside Amazon Web Services, the customer uploads their data to Box. When Box then sends this data back out it must get permission from the customer, while at the same time creating an audit trail of who has accessed the data.

Levie noted that “this isn’t really a security feature, though it adds that”, going on to say that it’s more about adding a new level of data control.

Of course, public keys are not new; they’ve been around for a long time. The reason it hasn’t been implemented before is because it used to impact latency and the speed at which data can be retrieved. However, Box seems to have overcome this.

Box currently have over 44000 businesses on their books as paying customers. The cloud firm will definitely be hoping that the additional of their EKM will draw in some top players, though only time will tell how enticing it truly is.


No comments yet. Sign in to add the first!