To facilitate iWork collaboration between users, documents must first be transferred to Apple servers. The documents are operated on in memory, and to optimize editing performance, they are also encrypted and cached. Box provides and secures the encryption keys that are used to protect cached documents.
To decrypt a cached document for further editing, Apple servers obtain the required encryption keys from Box using an access token, which is first passed to the iWork app and from there to Apple’s servers. This access token is valid for only 24 hours. If users are still working on the document, the access token is automatically renewed, except on the web, where the token is never renewed. Box can refuse to grant access to encryption keys if the user is no longer authorized to work on the document.
Encrypted documents are cached on Apple servers for up to 28 days, at which point they are automatically deleted. Cached documents are only decrypted when a user has opened a shared iWork document or an iWork document on the web, and only if Box grants access to the required key.
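The key-release rules above can be modeled in a few lines. This is an added illustration, not Apple or Box code: the class, method and client names (`KeyCustodian`, `CacheServer`, `"native"`, `"web"`) are hypothetical, and re-checking authorization at renewal is an assumption of the model.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

TOKEN_TTL = timedelta(hours=24)  # token lifetime stated on the page
CACHE_TTL = timedelta(days=28)   # cache retention stated on the page

@dataclass
class Token:
    user: str
    doc: str
    client: str        # "native" or "web" (labels assumed for this model)
    issued: datetime

class KeyCustodian:
    """Stands in for Box: holds document keys and the authorization list."""
    def __init__(self):
        self.keys = {}           # doc id -> key bytes
        self.authorized = set()  # (user, doc id) pairs

    def issue(self, user, doc, client, now):
        ok = (user, doc) in self.authorized
        return Token(user, doc, client, now) if ok else None

    def renew(self, token, now):
        # Web tokens are never renewed; the re-check on renewal is assumed.
        if token.client == "web":
            return None
        return self.issue(token.user, token.doc, token.client, now)

    def release_key(self, token, now):
        if now - token.issued >= TOKEN_TTL:
            return None  # token older than 24 hours
        if (token.user, token.doc) not in self.authorized:
            return None  # user no longer authorized: key refused
        return self.keys.get(token.doc)

class CacheServer:
    """Stands in for the caching side: holds ciphertext, never keys."""
    def __init__(self, custodian):
        self.custodian = custodian
        self.cache = {}  # doc id -> (ciphertext, cached_at)

    def open(self, token, now):
        entry = self.cache.get(token.doc)
        if entry is None or now - entry[1] >= CACHE_TTL:
            self.cache.pop(token.doc, None)  # 28-day entries are deleted
            return "not-cached"
        key = self.custodian.release_key(token, now)
        return "decrypt-allowed" if key else "key-refused"
```

Because the cache side never stores keys, revoking a user at the custodian takes effect on the next key request, even while the ciphertext is still cached.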
To generate previews, documents are transferred to Apple servers. They are stored temporarily and are never cached.