Dropbox has acquired assets from security firm Boxcryptor to offer end-to-end encryption to business users. The agreement’s terms weren’t disclosed.
Although Dropbox already offers encryption for data shuttled between its servers and user endpoints, it personally holds the keys, which theoretically allows the company to monitor any content flowing through.
Security firm Boxcryptor develops so-called ‘zero-knowledge’ encryption technology, which gives users full control over who is and isn’t allowed to decrypt their data.
Dropbox has acquired several technological assets from Boxcryptor and plans to integrate ‘zero-knowledge’ encryption into its stack. Dropbox is well-known for its cloud-based file backup and sharing services.
This level of privacy isn’t a major concern for many people, such as customers who use Dropbox to save family photographs or music files. However, end-to-end encryption should be a concern for organizations, as it ensures that no third party can access their data saved in the cloud.
According to Dropbox, the functionality of Boxcryptor will eventually be integrated natively into Dropbox for business users. Boxcryptor, founded in 2011, safeguards data across various cloud platforms, including OneDrive, SharePoint, Google Drive and Dropbox.
It looks like a buyout
Dropbox has been one of Boxcryptor’s ‘premier partners’ for some time. Boxcryptor closely collaborates with Dropbox to make sure its encryption features work well with the cloud storage provider’s cross-platform tech.
Looking at the agreement’s precise language, Boxcryptor claims that Dropbox has acquired its intellectual property, including “key technology assets”. The companies seem to actively avoid words such as ‘acquisition’, ‘takeover’ and ‘buyout’.
Nevertheless, the agreement appears to be a classic takeover. Boxcryptor will continue to support existing customers through the duration of their contracts, but after that, Dropbox takes over the service.
The selling point of Boxcryptor’s technology is its independence from storage providers: the software puts encryption keys in the hands of users. That explains the reluctance to call a spade a spade.