For detailed information on the security of Box's servers and services, please see our Security Overview.

Box adheres to the highest industry standards for security so you can share, access, and manage your content with confidence.


  • Secure data centers: Your content is stored on enterprise-grade servers that undergo regular audits and are monitored 24/7
  • Redundancy: Files are backed up daily to additional facilities
  • All files uploaded to Box are encrypted at rest using 256-bit AES encryption.
  • For files in transit, AES 256 is a supported cipher, however we default to use 3DES encryption. If you're using RC4 ciphers, you can disable them in your browsers and client apps.
  • AD/LDAP integration: Enterprise edition customers can replace Box’s authentication mechanism with their own


Box is also SAS70 Type II and Safe Harbor certified.


If you have further questions about the information shared here, please reach out to your Customer Success Manager or Account Executive who will be able to provide you with the details you need.