Box Trust Center
Putting our customers and their content first


A longstanding commitment to security and compliance
At Box, security and compliance are part of our DNA. We're dedicated to earning and keeping our customers' trust — every day. The Box Trust Center connects you to the latest information on how we prioritize security, compliance, data privacy, and reliability for our products.

Our approach to reliability
You've put your trust in Box as a valued service provider and partner. To keep your trust, we’re committed to updating you on what's happening with and within the Box Services, whether it’s planned maintenance or an unexpected service disruption.

Enabling the responsible and secure use of enterprise-grade AI
With the adoption of AI, enterprises face unique security, privacy and compliance challenges that must be carefully addressed as regulations continue to evolve. We are committed to being transparent about our AI practices, technology, vendors, and data usage.

Exceed global compliance requirements
Intelligent Content Management enables advanced privacy and compliance in today’s global, digital-first world. We’re committed to delivering a secure content platform that helps you meet and exceed your regulatory and compliance needs and obligations.

Protecting US government agencies critical information
Digitize your agency services and drive government cloud security while maintaining industry compliance. Within the United States Federal and Department of Defense community, Box has achieved a number of certifications that demonstrate our capabilities and commitment to security.

Values that build trust (and a better world)
Environmental, social, and governance (ESG) priorities are woven into the fabric of our culture at Box. Our ESG website and ESG data sheet outline our commitments to protect our planet, invest in people and communities, and acting with integrity. We expect the same commitment from our suppliers, as set forth in our Supplier Code of Conduct.
How we approach security and compliance

Cloud Computing Controls Compliance Catalogue (C5)
Provided under NDA — please contact your account team

FINRA Report
Provided under NDA — please contact your account team

HECVAT Full
Provided under NDA — please contact your account team

HIPAA Assessment Letter
Provided under NDA — please contact your account team

IRAP Assessed
Provided under NDA - please contact your account team

ITAR
Provided under NDA — please contact your account team

Payment Card Industry Data Security Standard (PCI DSS)
Provided under NDA — please contact your account team

SIG
Provided under NDA — please contact your account team

SOC 1 & 2 - Type II
Provided under NDA — please contact your account team

Trusted Partner Network Gold Shield

Web Content Accessibility Guidelines (WCAG) 2.0 Level AA
VPAT provided under NDA — please contact your account team
FAQ
Find answers to frequently asked questions on security, reliability, compliance, and privacy.










