enterprisesecuritymag

Boxcryptor: Seamless End-to End Encryption

CIO VendorAndrea Pfundmeier, Co-Founder & CEO
Cloud computing plays a huge role in everyday lives, from both an individual’s as well as the overall industrial perspective. Use of encryption software for cloud storage services such as Dropbox, Google Drive, and Microsoft OneDrive for data privacy and security in the cloud is of highest priority in every organization. But, back in 2010, there was no such encryption software available in the market, which allowed users to add encryption and also simultaneously use cloud services without giving up the cloud advantage. Boxcryptor—end-to-end-encryption software optimized for cloud storage was developed in 2011, realizing the need for a solution that could fulfill such a requirement. “We developed Boxcryptor because we wanted to use Dropbox and add encryption to it while still being able to share files with others and access them on all our devices. We have developed software that allows users to use storage services without giving up their privacy and especially their comfort,” asserts Andrea Pfundmeier, the co-founder and CEO of Boxcryptor.

Whether it is Dropbox, Google Drive, iCloud, or Microsoft OneDrive, today Boxcryptor supports more than 30 cloud storage providers and is globally used to encrypt and protect data. It provides a user-friendly, additional layer of security for cloud storage by encrypting files locally on the user’s device. The “Made in Germany” solution was built with a mission to ensure seamless data security across smartphones, tablets, and desktop alongside an easy-to-use interface. By implementing a combined encryption process based on asymmetric RSA and symmetric AES encryption, Boxcryptor generates a unique random file key for each file at the time of file creation. Boxcryptor provides a solution for individuals as well for companies and not only supports typical cloud storage features including file history and selective sync but also provides zero knowledge encryption. “We want everyone to be able to use encryption irrespective of their field. Our focus is not only on the security aspects but also on usability,” states Andrea.

We want everyone to be able to use encryption irrespective of their field. Our focus is not only on the security aspects but also on usability


As a zero-knowledge encryption provider, Boxcryptor never has access to the private keys of the users. Individual users’ passwords are not stored in the Boxcryptor database, and without the password, it is impossible to decrypt a user’s private key or any files. For enterprises, Boxcryptor offers a special company account with additional features specially designed for businesses and organizations such as password reset, policy management, and a Master Key. It assists users to collaborate securely on files in the cloud while being compliant with internal and external regulations. Also, by enabling the Master Key feature, the firm can make use of the password reset feature. The Master Key feature gives clients the power to decrypt the private keys of all users, which belong to the specific company, without having to know their passwords. So, the company administrators can set a new user password by simply re-encrypting the user’s private key with a new password.

The firm has recently released its new Boxcryptor Enterprise Plan with single sign-on, which makes user management for large organizations easier and reduces the risk of human error while handling sensitive data. The new feature makes Boxcryptor one of the first zero-knowledge cloud encryption software in the market offering native SSO. Boxcryptor helps various sectors including healthcare, legal, and education to meet their security requirements. With customers from over 190 countries, it is a go-to solution for users to enjoy the advantages of the cloud without giving up privacy. Steering ahead, the company aims to add new capabilities to its solutions to provide more effective cloud computing security. “We collect feedback from our users and try to modify and implement this feedback in our internal roadmap to make sure that an effective product is built for the market. I think instead of thinking of IT security as a burden, companies should consider it as a talent--to position them in a way that they understand that user’s data privacy is important for us,” concludes Andrea.