Box, Inc. (NYSE:BOX), the leading Content Cloud, today announced that it has attained Authorized security status for StateRAMP, a cybersecurity framework that ensures service providers offering solutions to state and local governments are receiving adequate protection for their sensitive content. In partnership with The Los Angeles City Employees’ Retirement System (LACERS), the company’s StateRAMP sponsor, Box has successfully demonstrated that it has fully satisfied all StateRAMP security requirements, which is built on the National Institute of Standards and Technology Special Publication 800-53 Rev. 4 framework, modeled in part after FedRAMP, and based on a “complete once, use many” concept that saves time and reduces costs for both service providers and governments.
"At LACERS, we are responsible for the retirement, and ultimately the financial well-being and health of tens of thousands of individuals. Because of the gravity of this responsibility, we hold ourselves to the highest standards of security for our Member and employee data,” said Vikram Jadhav, Chief Digital Officer for LA City Employees Retirement System (LACERS). “Traditionally, this has restricted our ability to innovate our operations, but with Box, we found a partner company that held their solutions to those same high standards, which has allowed us to push the digital transformation of our organization forward. Now with StateRAMP emerging as a new standard for cybersecurity, we are happy to partner with Box in their application for StateRAMP authorization.”
“StateRAMP establishes common security criteria to standardize cloud security verification,” said Leah McGrath the Executive Director of StateRAMP. “We are excited that Box has joined our list of Authorized Products, offering a cloud solution that also meets the cybersecurity needs of State and Local organizations.”
“StateRAMP provides a vetted list of approved vendors that meet the capabilities and cybersecurity standards required to offer cloud-based solutions to state and local governments,” said Murtaza Masood, Global Managing Director for State and Local Government at Box. “Box’s investment in StateRAMP authorization demonstrates our dedication to helping government customers meet their cybersecurity requirements while driving secure digital transformation across their organization.”
State and local governments need a secure Content Cloud
Today, state and local governments face increased cyberthreats stemming from the shift to hybrid work, including ransomware attempts targeted at public services, access to sensitive information from remote locations, and the need for government organizations to protect Personally Identifiable Information (PII). As a StateRAMP Authorized vendor, the Box Content Cloud can help state and local governments:
- Transition to hybrid work: Box’s built-in security features, including strong user authentication via SSO and MFA, device trust, AES 256-bit encryption, customer managed encryption keys, vector-based watermarking, and seven user-friend sharing roles with shared link expiration, help employees meet and maintain the government’s published cybersecurity policies in a frictionless way.
- Reduce cyberthreats: Box’s native zero-trust controls in addition to its advanced security and compliance tools help secure mission critical information that state and local governments need to run efficiently. For example, Box Shield helps reduce accidental data leakage with auto-classification and Smart Access policies as well as intentional threats with multi-layered malware detection and anomalous alerting capabilities.
- Protect sensitive data: The Box Content Cloud can help state and local governments meet compliance standards for data security around PII, Personal Health Information (PHI), and Payment Card Industry (PCI). With Box Governance, customers can build a scalable retention strategy for highly confidential data across use cases like financial services and health care. Box enables state and local government employees to maintain the highest bar for security and compliance when accessing sensitive data, no matter where they are.
To learn more about Box for government, please visit www.box.com/industries/government.
Box (NYSE:BOX) is the leading Content Cloud that enables organizations to accelerate business processes, power workplace collaboration, and protect their most valuable information, all while working with a best-of-breed enterprise IT stack. Founded in 2005, Box simplifies work for leading organizations globally, including AstraZeneca, JLL, and Morgan Stanley. Box is headquartered in Redwood City, CA, with offices in the United States, Europe, and Asia. To learn more about Box, visit http://www.box.com. To learn more about how Box powers nonprofits to fulfill their missions, visit Box.org.