Topics Map > Communication and Collaboration > U of I Box

U of I Box, Family Educational Rights and Privacy Act information

How do I know Box is FERPA compliant?
The major factors why Box is considered FERPA compliant:
  • Auditing — Comprehensive audit trails for account actions, document lifecycles, sharing activity and more
  • Data encrypted at rest — 256 bit AES encryption of stored data
  • Encryption key policy — Encryption keys are securely stored in separate locations and frequently rotated
  • Security Certifications — including SSAE 16 Type II, Safe Harbor, SAS 70 type II
  • TLS (SSL) required — Yes, 256 bit SSL v3 required for all file access
  • Safe backups
Please note the previous items apply to data stored on Box servers. 

Data stored on client systems should be secured as stated in
This includes data made available for offline access by Box Sync or other applications.

KeywordsUofI Box FERPA compliance encryption sync   Doc ID48082
OwnerBox O.GroupUniversity of Illinois Technology Services
Created2015-03-03 15:23:08Updated2021-08-24 12:22:55
SitesUniversity of Illinois Technology Services
Feedback  0   0