Your IT Consultant

User Controlled Encryption – Box Delivers

February 11, 2015

Ars technica reported that Box, a cloud storage provider, will give control of encryption keys to the end‑user. Box has been working on transferring control for over a year. The new service is called “Enterprise Key Management (EKM)” and puts encryption keys inside a customer’s own data center along with a special security module store in an Amazon data center. I have always said that the best implementation of encryption is when the user controls it and not the provider. This is a great decision by Box and moves them into the same “zero knowledge” structure as Spider Oak. As we learn more about what government is able to access, controlling encryption keys will help protect our data from prying eyes.

Currently, the service is in beta and being used by approximately 10 businesses, including Toyota and World Bank Group. The service is expected to be available to Box enterprise customers in the spring. There will be an added fee to use the service, which I would gladly pay. Let’s hope more vendors modify their products to give users control of encryption keys.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com