Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
378 results found
-
Watermark on Download when user has View Upload rights
We need users who have Viewer Uploader rights to always have a document watermarked on DL. According to the ACL, Viewer Uploaders download without the Watermark.
3 votes -
Enterprise whitelist to apply "internal" collaboration settings
Our parent company has a large number of subsidiaries that have their own unique EIDs for a number of reasons (branding, administration, SSO settings). We also have extremely locked down external collaboration settings and as such are requesting the ability to have a whitelist of other Box enterprises that could be subject to the internal collaboration settings (e.g. no timeout on collaboration).
3 votesWe are not likely to implement this. From a customer experience perspective, it would be difficult to explain to companies not in this situation why another enterprise can enforce different collaboration settings on their users.
-
Extend Time for Required Password Resets
Extend Password requirements to 180 days
3 votesThis is not planned at this time.
-
3 votes
There are multiple asks captured here.
We now provide admins self serve options to rotate their certs. We will further improve SSO setup options over the coming quarters. Besides these 2, we don’t have other enhancements planned in this area. -
Have Device Trust perform occasional background checks on Sync client
Have Device Trust perform occasional background checks on Sync client to ensure the device still passes, otherwise remotely logout the device.
3 votesThis is not currently planned at this time.
-
More option for IP whitelisting
Currently, there are 2 options for IP whitelisting which are "webapp only" and "all endpoints". Is it possible to switch "API" as new option? I think "webapp only", "webapp+API", and "all endpoints" are enough options.
There are many enterprises using cloud-based IDP like Azure AD, Okta and Centrify which can implement Auto Provisioning/De-Provisioning using Box API. When "all endpoints" is set, IdP's Auto Provisioning/De-Provisioning fails because they use Box API. Some enterprises are choosing "all endpoint" in Japan for their security reason, so I would appreciate if you could consider this request seriously.
3 votes -
If virus is detected at the time of download, Virus Scan Alert on virus-found should be sent to the downloading user.
If customer opt-in for Virus Scan, Box currently checks for a virus at the time of file download too. And Box sends an e-mail to Admin and file owner when virus is found.
It should be a basic Box feature to alert and/or prevent a user from downloading a malicious file. Box should also quarantine or prevent a user from opening the file.
3 votesThis is not currently planned at this time.
-
Allow Device Trust to be more granular based on what content a user has access to
Any user with access to a specific confidential folder has to go through device trust checks before logging into their account.
3 votesNot currently planned at this time.
-
3 votes
Not currently planned at this time.
-
Closed folder structure
"My Sign Requests", "My Canvases" and "My Signed Documents" folders are created as private folders technically by Box, without any admin intervention. When using a closed folder structure, these folders can still be used by users to build their own folder structures, as they become the owner of this folder. This counteracts the idea of a closed folder system and represents a massive security gap. Users can then build folder structures and content in our box instance without any control by the admin and share them with external users.
These technically generated folders must therefore be restricted accordingly, or admins…
2 votes -
Hide older versions from certain collaborator levels
When you share a file/folder with another user, no matter what permission level you give them they are able to see all older versions. It would be great if we could hide those from lower level collaborators like you can do with comments.
2 votes -
Make editing password protected shared links clearer
When a shared link to document or folder is already password protected, and a user wishes to change the password, the password screen should be clearer as to how this is accomplished - possibly by an additional Change button or Confirm Changes
Currently this is unclear
2 votes -
Separate Allow and Block Lists for both Inbound and Outbound Collaboration
With regards to external collaboration, one can either enable external collaboration with any external domain (for both inbound and outbound collaboration), or one can specify an allow list of external domains for both inbound and outbound collaboration. We have different requirements with regards to inbound and outbound collaboration.
As such, we would like fine-grained control over both inbound and outbound collaboration domains. We may want a block list of inbound collaboration while having an allow list for outbound collaboration (or vice versa.)
Definitions:
Inbound collaboration: an collaboration invite from one's own Box tenant to an external, unmanaged account
Outbound collaboration:…2 votes -
Provide easier ways to extend collaboration expiration
Similar to the existing post below but the request is a bit different.
https://pulse.box.com/forums/909778-help-shape-the-future-of-box/suggestions/36108211-bulk-extend-collaboration-shared-link-expirationWe have folders where there are over 100 collaborators to extend on a certain cadence and need to click the "clock" button over 100 times, which obviously is so painful. We would like to have the ability to click "checkbox" to select collaborators to extend and update them in one shot.
2 votes -
Persistent cookies
Similar to Okta and Google Drive, we need the ability in Box to set use persistent cookie so the cookie doesn't expire when the browser is closed.
Google Drive allows this by default, and Okta lets us specify the policy for specific users:
( see usePersistentCookie according in https://developer.okta.com/docs/reference/api/policy/#signon-session-object)Workflow:
* launch browser, go to Okta, and log in (our IDP)
* open up the box link - everything works
* close the browser
* open the browser
* I'm still logged into Okta (since I have usePersistentCookie turned on)
* when I go to a Box link, I'm…2 votes -
Restrict the ability to create shared links for specific folders
I want to be able to disable the option to create a shared link on specific folders containing sensitive information. If I give access to an external collaborator, it means that I gave him an access with a username (his email) and password. i have the option to see if he downloaded or viewed the file. I don't want that external collaborator to create a shared link and send it to someone else.
2 votes -
Add a new permissions category - Upload download and view only
Permission to upload download and view only
o Not edit or delete2 votes -
Child Sexual Abuse Material
Apple's recent announcement of measures taken to improve child safety (https://www.apple.com/child-safety/) have raised an important concern about content stored in Box and what measures we can take as an enterprise to address it. While there does not appear to be anything that we can do at this point, perhaps adding a feature in Shield that provides MD5 pattern matching (similar to known malware scanning) that would allow administrators to be alerted when this kind of material shows up in their Box instance.
Background on the issue: https://www.missingkids.org/theissues/csam
2 votes -
End to end encryption for storage and shared links
End-to-end encryption (E2EE) is one of the most popular security trends lately, and if Box offered this functionality, it would be very popular, especially for audiences who have a strong affinity for privacy and cryptography.
2 votes -
Ability to whitelist files(sha1) from virus detection
Please consider to have an option to add whiltelist of files (sha1) so that it won't be show up as an unsafe file from virus scanning.
2 votes
- Don't see your idea?