Consumer Controlled Encryption Keys For Business Clients
The National Security Agency scandal which took place a couple of years ago has caused many corporate clients to rethink using cloud storage as a solution. Many of these services don’t allow user control over how files are encrypted, meaning, if presented with a warrant or other legal documentation, the information could be passed to a third-party.
In order to regain the trust of enterprise clientele, Box has decided to turn the encryption keys over to their customers. Ensuring that if a third-party were to gain access to account information, the data inside would still be unreadable.
Box CEO Aaron Levie explained:
“We think this is really going to unlock a new set of customers and break on of the last barriers for cloud adoption.”
Box will continue to use Gemalto, a security firm, and Amazon Web Service to provide hardware and management for their system. However, they will not retain the encryption keys, those will be in the hands of their customers.
Consumer Controlled Encryption Keys Not Just about NSA Concerns
The broad collection of the NSA is only one reason Box is changing the way they store encryption keys. There has also been a push for consumer controlled protection as a regulatory concern. Enterprise customers like to know they are in charge of all their data, and are reluctant to simply hand that authority over to a third-party.
A beta version of the service will be available in the spring. If all goes well, more clients will be able to take advantage of plans with the encryption key control option. Pricing for services that allow customers to retain control will vary depending on the number of users at the business.
Box’s main competitors still do not have user secured encryption in place. This move could very well give the company a leg up as CEO Levie hopes it will. Tell us what you think about the change.