Box has been talking for more than year about letting its customers manage their own encryption keys, allowing them to store data in the cloud while maintaining control over who gets to access it.

This isn’t a straightforward problem to solve, because Box’s whole business is built on making it easier to share data and collaborate. The strictest security controls could eliminate the reason 44,000 companies are paying Box.

Today, Box says it has a new product that gets the job done. Called “Enterprise Key Management (EKM),” the service puts encryption keys inside a customer’s own data center and in a special security module stored in an Amazon data center. The Box service still must access customer’s data in order to enable sharing and collaboration, but EKM makes sure that only happens when the customer wants it to, Box says.

When asked if the service would prevent Box from handing data over to the government, a company spokesperson said, “Unless the customer provides authorization to Box to provide the content that’s asked for, Box is prevented from sharing the content. When customers use Box EKM we are not able to provide decrypted content because we don’t have the encryption keys protecting the customer’s content.”

Without EKM, Box could be forced to hand data over to the government without notifying the customer if the government request is valid and requires Box to keep it secret.

As Box describes it, EKM would make it a lot harder to hide government requests. The service is being used in beta by about 10 businesses, including Toyota and World Bank Group, and will be generally available to Box enterprise customers in the spring for an added fee.

Box has 48 percent of the Fortune 500 as customers, with millions of individual users, but “there are still some customers that can’t adopt the cloud, super regulated businesses in financial services, some very large energy companies, some major insurance companies, obviously government agencies and departments,” Box cofounder and CEO Aaron Levie told Ars.

These customers want more control over file encryption, but "the challenge is a bunch of these solutions essentially break what we're really good at, which is our end user experience," Levie said. "A lot of our in-line security capabilities like virus scanning, content previewing, and information rights management, all the capabilities where we add on top of your content, tend to break down in a world where we're not helping you manage that encryption."

How it works

EKM relies on a Hardware Security Module (HSM) made by SafeNet, which is placed inside Amazon's CloudHSM service. Unlike most Amazon cloud services, this one gives each customer dedicated hardware.

CloudHSM "allows you to protect your encryption keys within HSMs designed and validated to government standards for secure key management," Amazon says. "You can securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you."

This system lets Box encrypt and decrypt files when necessary. Customers “have their own private network in Amazon that the HSM is connected to,” Box Enterprise Product VP Rand Wacker told Ars. “They have multiple forms of authentication getting into the unit itself. We are not able to access the key management partition of HSM, so we only go into the public interface for the purposes of encryption and decryption. Every action we request of HSM is also logged in a non-changeable audit log that the HSM sends directly to the customer, which they use for their own internal compliance.”

While the module is stored in Amazon in part to prevent latency problems, each customer keeps a backup hardware security module in their own facilities. Box says it's considering a system in which customers would host the encryption boxes themselves without Amazon's help, but Amazon's involvement isn't likely to concern most customers.

"With the SafeNet devices themselves, whoever hosts them does not change the security profile," Wacker said. "The devices were originally designed to be loaded with keys and to be shipped to remote ATMs or to manufacturing sites overseas that literally had hostile environments, and so these being in hands of trusted third party MSP [managed service provider] hoster is not a concern to the customers we're talking to."

With EKM, the encryption process happens like this, a Box spokesperson told Ars when we asked for a detailed explanation of how the service works:

File uploaded to Box (encrypted in transit with TLS). We generate a Box Key to encrypt the file. We encrypt the file with the Box Key. We send the Box Key securely over to the Customer's HSM. HSM encrypts the Box Key with the Customer Key and sends it back securely to Box.

Box needs permission from the customer when decrypting files. “Before we can use our key, we need the customer to decrypt it inside the HSM,” the company said. “It's a layered encryption model. So while the data itself is not encrypted with the customer's key, the customer key is the gatekeeper for decrypting it. In effect, our key is useless until it's decrypted by the customer.”

Each time Box needs temporary access to decrypt files, “we go back to the customer to request access (by sending over the document key for decryption). Each request is captured in the logs controlled exclusively by the customer. Customers can monitor that log to see how the data is accessed and how the keys are being used, and we have no way of modifying that log.”

The customer doesn't have to manually approve each request, but anything out of the ordinary would be flagged. “There is a set of customer-approved request types (e.g. user-generated download requests) designed to support the normal (what customers would expect) functions of the service,” Box explained. “As long as it's one of those approved types, the request will be approved automatically. Requests that don't meet the approved criteria will be automatically denied.”

The HSM doesn’t store any files; it only stores customer-managed keys, which improves performance. “Some of the files that our customers store are very large. Instead of sending the large files back and forth, we are sending a key, which is much smaller,” Box said.

Box isn't the first cloud storage company to tackle the problems that EKM solves. WatchDox, for example, offers file sharing in the cloud, with an on-premises system, or in a hybrid option combining both.

The security technology Box is using isn't unique, either. But scaling it up to as many as 44,000 customers without breaking Box's collaboration services required a few dozen brainstorm sessions, Levie said. This is why the company did not go with an on-premises-only version for this first release.

"We have to have an approach to these problems that can scale with our large customer footprint, and starting first with an on-premises version would have made it really hard for us to go to scale, so we ruled that out after thinking it through," Levie said. "Ultimately came down to this solution, with the most number of customers we could serve in the most efficient manner."