Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
217 results found
-
Automatically classify content based off uploader
Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential
2 votes -
Auto Classification Based Off Uploader
Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential
1 vote -
Auto classification of files/folders based on metadata and comments
It would be helpful if Box's auto classification feature were able to trigger file classification (and thus, security controls) if metadata on a file/folder is sensitive in nature or if a file has comments/tasks/annotations that contain sensitive information.
2 votes -
Limit the rights of users who can change classification labels.
■Background
We are currently using Box Shield to control the public scope of shared links.
Currently, co-owners would still be able to use the classification labels even if they are set to "Owners/co owners" in the below settings.We want to make sure that only the owner can set classification labels.
■Details
Classification labels can be configured with "Admin console>Classification".
When the Box administrator clicks on Settings, the following settings are available:
Classification settings
Only allow selected permission types to modify classifications on content.
See collaboration permission chart.
Link:https://support.box.com/hc/en-us/articles/360044196413・Owners/co owners
・Owners/co owners and editors
・Owners/co owners, editors, and…1 vote -
Box Sheild can use some help
It would be great if there was a way to be able to enter notes on an incident. Also to flag an incident as complete and have it removed from the list.
4 votes -
PCI Compliance
As a user in an industry which must be PCI compliant,
I want content flagged by Shield as containing PCI content to not be included in the full-text search index,
So that our Box environment can be PCI compliant without having to disable full text search for the entire environment.1 vote -
Notify or provide options on password protected files in Automated Classification
When running automated classification, files containing passwords will not be checked for PII information. This means they are potentially at risk of getting shared externally. There should be options to classify them if they are password protected or it should have the option of alerting.
4 votes -
Add a Birthdate / Birth date infotype to Automated Classification
Birthday is not an an InfoType in automated classification. Please add this field.
2 votes -
Shield enhancement against EID-to-EID content move / copy
Need the ability to generate a Shield alert when someone copies or moves content from one EID repository to another EID; to include any movement of content via the api.box.com utilizing cURL or other CLI.
8 votesThis type of detection is something we want to investigate further. We are in the midst of getting additional feedback on this topic as the team works on other Threat Detection enhancements.
-
Restrict Collaboration for Individual External User
Customer would like to have the ability to block individual external users from collaborating on their enterprise content. The external domain allow list is too broad if only one or two external users need to be blocked from collaborating on content.
11 votesNot on the roadmap for FY25, will evaluate for FY26
-
Add ability to allowlist unpublished apps in a Shield list or Access Policy
Currently, the only apps that can be exempt from an Access Policy are published apps or custom JWT apps that have been approved in the Admin Console. There is a gap for unpublished OAuth apps that may need to be allowlisted from a policy.
2 votes -
Make available list of countries available for a Shield List
The input fields are not the easiest way to find a value to add to a Shield List. Naming convention is different across systems, so it would be helpful to know the values that are available to be added.
3 votes -
View only ability as admin to view Detection rules, policies, and lists.
Isolate the EDIT SHIELD CONFIGURATION co-admin permission to 2 different permissions:
- View-only detection rules, access policies, lists
- View, Edit, and Create Detection rules, access policies, and lists.
3 votes -
File Security Classification, non-compliance label
When viewing a folder, it is currently not possible to know if there are files within the folder structure that have a differing classification label from the one at the root level. This "non-compliance" could potentially be problematic, or even a signal that someone has inadvertently changed a classification. It would be nice to have some kind of visual indicator that the top-level classification label is not 100% cascaded throughout the folder/file structure below it in the waterfall.
2 votes -
"Smart Access: Download restriction" for G-Suite
We want "Smart Access: Download restriction" to control the download/printing capability of G-Suite apps. We want the integration just like office online which restrict download/print on office online apps.
For security perspective, we want to minimize the risk of data breach, so we are planning to store the confidential files on box and restrict the content to be downloaded to the devices. However currently if user opened the files on G-Suite, the files can be downloaded or printed.
7 votes -
Allow configuration of permissions to apply and change each classification created
To apply or change a classification, select "Owners/co-owners and editors" in the classification settings, and then click Users with editorial privileges or higher can apply and change the classifications.
However, by implementing a feature that allows configuration of permissions to apply and change each classification created, the Security can be enhanced.4 votes -
Tale over the settings in shield trial mode
Currently, the trial mode classification and settings will disappear at the end of the trial period.
If we have a Shield contract, we would like to take over its classification and settings.By eliminating the need to set them up again in the production environment, we can make a smooth transition.
4 votesNot planned for FY23. Will reconsider for FY24.
-
Ability to send Shield alerts to a Pager Duty email address for email integration.
It looks like I'm only able to notify users who are Shield co-admins whenever an alert is created. I would like to send alerts to a Pager Duty email address for email integration.
I would like to avoid creating a separate user for the purposes forwarding emails to pager duty. I would also like to avoid creating a forwarding rule on my own inbox.
Is it possible to send Shield alert notifications directly to non-user email addresses? If not, is this something the Box team is working on or can consider implementing?
8 votes -
Box Shield inherit classification on move/copy, not only on upload
Box Shield needs to have the ability for files to inherit the classification of the containing folder during a move or copy. Currently, a file will only inherit the classification if it is uploaded to the folder with a certain classification. Example:
File A has a classification of "Confidential" and is moved/copied to a folder that has an "Internal" classification. File A will not automatically inherit the "Internal" permission, and it either needs to be manually changed to "Internal", or have the entire containing folder re-classified as "Internal" so that all containing files then inherit the "Internal" classification.
However, if…
3 votes -
Shield Alert - mark as resolved
On the dashboard for Shield, you see a list of alerts generated through threat detection policies. We'd like to see the functionality where end users could mark an alert as seen and/or resolved so everyone who monitors the Shield alerts would know whether it's been resolved or open. This is similar to a ticketing system, but a simple notes body on the alert where someone could put an explanation of their response to the alert would greatly enhance visibility and drive better usability. Thanks!
40 votesWe are investigating the best options to implement this into our Threat Detection alerts and dashboard.
- Don't see your idea?