Remote key management in a cloud-based environment

What is claimed is: 1. A key service engine for facilitating remote key management services in a collaborative cloud-based environment, the key service engine comprising: a processor; a key service proxy device configured to initiate a remote key request responsive to a determination that a data item indicated by a content request is associated with remote key management functionality, the data item being encrypted or decrypted by an encryption key, and the remote key request corresponding to (a) an encryption of the encryption key performed by a remote key service engine to generate an encrypted encryption key or (b) a decryption of the encrypted encryption key performed by a remote key service engine to decrypt the encrypted encryption; and a reason engine configured to determine a reason code associated with the content request, wherein determining the reason code comprises directing the processor to: (a) identify the reason associated with the content request and (b) subsequently generate a corresponding reason code associated with the remote key request; the remote key request being processed by the remote key service engine that is located on a second client device that is remote from the key service proxy device located on a first client device, the remote key request sent across a network from the first client to the second client device, wherein the remote key request is processed by the remote key service engine based at least in part on the reason code. 2. The key service engine of claim 1 , wherein the content request comprises an upload request and wherein the remote key request includes a request to encrypt an encrypted encryption key. 3. The key service engine of claim 1 , wherein the content request comprises an access request and wherein the remote key request includes a request to decrypt a encrypted encryption key. 4. The key service engine of claim 1 , further comprising: a key encryption/decryption engine (E/D) engine configured to encrypt and decrypt an encryption key using a local key encryption key (KEK). 5. The key service engine of claim 1 , further comprising: a metadata engine configured to process a received content request to identify metadata associated with the content request, wherein the remote key request further includes the metadata. 6. The key service engine of claim 1 , further comprising: a client interface configured to send the remote key request to a remote client system for encryption with a once encrypted key or for decryption with a encrypted key, wherein the client interface is configured to responsively receive the encrypted key or the once encrypted, respectively. 7. The key service engine of claim 6 , wherein the client interface is further configured to receive a remote key encryption key (KEK) initiated by a remote client computer system responsive to an encryption request, wherein the remote KEK is utilized by a remote key management system to encrypt the encrypted encryption key. 8. The key service engine of claim 1 , further comprising: a cloud-based platform interface configured to receive the content request, wherein the cloud-based platform is in communication with a data store to direct the data store to store or access a local or remote key encryption keys associated with an encryption key. 9. A collaboration system for facilitating remote key management services in a collaborative cloud-based environment, the system comprising: a processor; a memory unit having instructions stored thereon which when executed by the processor, causes the collaboration system to: encrypt a content item indicated by a content request using an encryption key; encrypt the encryption key using a local key encryption key (KEK); determine if the content item is associated with remote key management functionality, a data item being encrypted by an encryption key, and a remote key request corresponding to encryption of the encryption key performed by a remote key service engine to generate an encrypted encryption key; and if the content item is associated with remote key management functionality, determine a reason code associated with the content request, wherein the reason code is determined by directing the processor to (a) identify the reason associated with the content request and (b) subsequently generate a corresponding reason code associated with the content request; and the remote key request being processed by the remote key service engine that is located on a second computing device that is remote from a key service proxy device located on a first computing device, the remote key request sent across a network from the first computing to the second computing device, wherein the remote key request is processed by the remote key service engine based at least in part on the reason code; and initiate a remote key encryption request including the encrypted encryption key and the reason code. 10. The collaboration system of claim 9 , wherein the instructions, when executed by the processor, further causes the collaboration system to receive a encrypted encryption key responsive to initiating the remote key encryption request. 11. The collaboration system of claim 9 , wherein the instructions, when executed by the processor, further causes the collaboration system to receive a receive a remote KEK responsive to initiating the remote key encryption request. 12. The collaboration system of claim 9 , wherein the collaboration system is configured to randomly select the local KEK. 13. The collaboration system of claim 9 , when the instructions, when executed by the processor, further causes the collaboration system to: receive the content request; process the content request to determine that a content item request is an upload request; and identify the content item indicated by the content item request. 14. A collaboration system for facilitating remote key management services in a collaborative cloud-based environment, the system comprising: a processor; a memory unit having instructions stored thereon which when executed by the processor, causes the collaboration system to: determine if a content item associated with a received content request is associated with remote key management functionality, a data item being decrypted by an encryption key, and a remote key request corresponding to encryption of the encryption key performed by a remote key service to a decrypt the encrypted encryption key; and if the content item is associated with the remote key management functionality, determine a reason code associated with the content request, wherein determining the reason code is determined by directing the processor to: (a) identify the reason code associated with the content request and (b) subsequently generate a corresponding reason code associated with the remote key request, the remote key request being processed by a remote key service engine that is located on a second computing device that is remote from a key service proxy device located on a first computing device, the remote key request sent across a network from the first computing to the second computing device, wherein the remote key request is processed by the remote key service engine based at least in part on the reason code; access a encrypted encryption key from a data store; and initiate a remote key decryption request including the encrypted encryption key and the reason code. 15. The collaboration system of claim 14 , wherein the instructions, when executed by the processor, further causes the collaboration system to: receive the content request and identify the content