Skip to main content [aditude-amp id="stickyleaderboard" targeting='{"env":"staging","page_type":"article","post_id":1871080,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,","session":"A"}']

Box launches KeySafe service for secure storage of encryption keys

From left, Box chief executive Aaron Levie, Box head of mobile Martin Destagnol, and Box senior vice president of engineering Sam Schillace.

Image Credit: Box

Cloud file syncing and sharing company Box today announced the launch of KeySafe, a service that gives companies a reliable way to store the encryption keys for their data.

Box is offering two flavors of KeySafe. The first one draws on the CloudHSM service from public cloud market leader Amazon Web Services (AWS), which uses dedicated hardware security modules from vendor Gemalto in Amazon data centers. Box announced this product a year ago under the name Enterprise Key Management (EKM), and now it’s being rebranded to Box KeySafe with AWS CloudHSM.

[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":1871080,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,","session":"A"}']

The second flavor of KeySafe is new — it runs on top of an AWS service called the Key Management Service, which is newer than CloudHSM and costs less money. Plus, it’s simpler to use.

“Box KeySafe with AWS Key Management Service can be configured in under 30 minutes and requires very little on-going maintenance,” Box director of product management Jon Fan wrote in a blog post.

AI Weekly

The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.

Included with VentureBeat Insider and VentureBeat VIP memberships.

The availability of KeySafe could assuage security-sensitive companies that want to be in control of their own destiny if they adopt cloud services such as Box and allow data to be stored on other companies’ data center infrastructure. That could help Box further distinguish itself from Dropbox, Google Drive, and Microsoft’s OneDrive (although Microsoft does have its own Key Vault cloud service, and besides that, Box has increasingly partnered with Microsoft to integrate with Office tools).

Recent acquisitions suggest that security for software as a service (SaaS) has become a higher priority. Last year Microsoft bought Adallom and Blue Coat bought Elastica.

Both flavors of Box’s KeySafe service follow four distinct steps:

  1. Upload file to Box
  2. Encrypt file using Box Key
  3. Encrypt the Box Key using the customer’s key
  4. Update the audit log, which the customer controls

Box says it can never touch customers’ encryption keys when they’re stored with KeySafe.

Box KeySafe with AWS CloudHSM is available now, while Box KeySafe with AWS Key Management Service will become available next month, according to a statement. For both products, pricing is based on the size of each customer’s deployment.

Box now has more than 54,000 paying customers, according to its most recent earnings statement.

[aditude-amp id="medium1" targeting='{"env":"staging","page_type":"article","post_id":1871080,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,","session":"A"}']

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More