Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
206 results found
-
Secure admin only download of 'malicious' files for analysis
Admins should be able to download Box Shield tagged malware without marking the file safe for everyone. That way a security admin could download the file and scan it with their own security tools. That’s the only real way to diagnose if a file is malicious or just a false positive.
Asking us to mark it safe by chatting with the user is far from best practice
1 vote -
internal collaboration
Add a "Internal Collaboration Restriction" option for Box shield access policy. My company uses file classifications that are intended to inform users so that they know to restrict sharing of files to only those who need to know. It would be great to use the justification feature that already exists in the External collaboration restriction but within our domain.
1 vote -
Display settings for classification labels
We would like to be able to temporarily not display (not disclose) classification labels within a tenant after they are created, but in that case, we need to delete all classification label settings, and it is time-consuming to set them each time, so we would like to be able to select whether to show or hide them.
2 votes -
Wish to improve the custom terms in the classification settings to include the string custom term + string in the search.
The following rules apply to custom terms in the classification settings:
[Reference]
Also, the characters surrounding any match must be of a different type (letters or digits) from the adjacent characters within the word. For example:if the policy looks for "Acme-Internal", the scan will match on "Acme Internal", "acme-internal", "Acme - Internal", "Acme (INTERNAL)", "Acme: Internal", "728Acme-Internal", "Acme - Internal728", "Acme-Internal-728", and so on, but not "Acme-Internalization", or "Acem-Internal".
if the policy looks for "AcmeInternal", the scan will match on "acmeinternal", "AcmeINTERNAL", "AcmeInternal4u", and so on, but not "Acme Internal", "Acme_Internal", "AcmenInternalization", "Acme"[Request]
Japanese is a language in…1 vote -
Provide an exportable report for Shield Admin for each Anomalous Download alert
Every time an anomalous download alert is received, IT would ideally want to share a readily available report (XLSX / CSV) with the affected user's manager as they would know far more about the content and whether this is abnormal behavior. As it stands today, if the alert is not big then a manual list of folders / files is provided, or we have to run a User Activity Report (which can take some time) and then filter and cut down accordingly.
5 votes -
Separate download and print restrictions
We would like to use download and print restrictions in Access Policy separately.
Flexible configurations are required, when we handling sensitive files in Box.ex. We don't want to allow them to edit, but I do want to allow them to print.
5 votes -
Better information on Alert Information for Location Detection Rules
Please add the country below the IP on a Shield Alert Email for Allowed countries Detection rules notification. This keeps us from having to log into box to see what country the violation occurred in..
3 votes -
Classification labels are also applied to partial matches for words set in "Custom Term"
Classification labels are also applied to partial matches for words set in "Custom Term"
カスタム用語で設定された単語が部分一致した場合にも分類ラベルを適用内容
Classification labels are assigned only when an exact match is registered in the file for the file condition "custom term" in the Management Console > Classification > Classification Policy.
If you want to assign a classification label to a partially matched term, you need to register all the terms in the "custom term".
To save time and effort in registering, please improve the system so that classification labels are assigned even when partially matching words are found in the file.<Japanese>
管理コンソール>分類>分類ポリシーのファイル条件「カスタム用語」について完全一致した語句がファイル内に登録されている場合のみ分類ラベルが付与される
部分的に一致している語句も分類ラベル付与対象としたい場合、すべての語句を「カスタム用語」に登録する必要がある
登録する手間を省くため、部分的に一致した語句がファイル内に記載されている場合も分類ラベルが付与されるように改善してほしい1 vote -
Whitelisting file types in Malicious Content scanning in Box Shield
We are currently seeing a large number of non-malicious files being marked by Deep Scan as malicious, resulting in a lot of false positives. These are files such as .gif or .doc. The primary way to reduce the false positive rate would be to improve Deep Scan's scanning capability. However, I think it would also be beneficial to be able to exclude certain file types that are unlikely to include malware (e.g. .gif) from being scanned.
1 vote -
Create an audit only mode for classification policies
Auto-classification policies can receive an audit only mode similar to Shield Access Policies. Essentially an auto-classification policy in audit only mode will return a list of files that would have triggered an auto-classification upon upload or interaction. Shield administrators can then review the list of files that would have been classified and review for accuracy.
Decreases risk of misclassifying content due to policy misconfigurations.
2 votes -
Additional Information BoxShield Anomalous Download Alerts
Include further information within the anomalous download alert to show which application\service was used. Currently, this is only available from the user activity report, which takes a while to generate.
If the hostname and device type could be included, this would help decipher if anomalous downloads have taken place acorss multipe devices.
3 votes -
Add file extensions of .mus and .sib to automated classification in Box Sheild
Add the file extensions .mus and .sib for music notation software to automated classification functions to assist with the protection of I.P.
1 vote -
Shield Blocked Email Addresses (Not only Domains)
As of right now it is not possible to block a specific user with the external collaboration access policy restriction. This is only applicable for blocking domains. This request is to be able to add a specific user to the blocked list by email address.
2 votes -
Ability to configure Box shield alerts
Be able to set Shield alert priority based on the severity (quantity, amount, % change) of the Box Shield anomalous behavior. Today the Shield alerts are static and apply to the category as whole and not related to a quantifiable measure of risk. a 100% increase is treated the same as a 10,000% increase.
4 votes -
Block file request via classification / access policy
Currently there is no security control for access policies that allows to block file requests.
We created a classification "external" with the security control "External Collaboration Restriction". However it is still possible that externals upload files to these folders. To us this is also a way of external collaboration. And this also creates the risk of mixing internal and external files in folders that are classified as internal.3 votes -
Ability to have an Access Rule that limits an anonymously shared link to an IP address range.
We have documents stored in Box that we have used the anonymous shared link option. The reason we need this link is to manage the number of Box licenses. We have a large number for folks that need to view or download these documents and do not need to update or edit them. So a license does not make sense for them. We do what to limit access to these links to the internal folks only. We have explored setup of Access Rule to limit, being anonymous link, the rule does not apply. We would like to add the ability…
1 vote -
Control Outbound Collaboration in Box Shield
Box shield collaboration policies only seem to apply to inbound collaboration (i.e. sharing from one's own tenant to an external account). We need the ability to have fine-grained controls on what invites a managed user can accept from external tenants.
1 vote -
Shield Classifications Available for Certain Folders Only
Currently, if you create a classification label it will be available to apply to any folder or file. The ask is for the option to make the classification label available to apply in only certain folders.
An example of a use case is for an ITAR classification label - users should only apply this label to content in a contained ITAR folder. While in other folders they should not see the option to apply this label in the dropdown.
Auto classification policies currently has a similar feature, 'Folder Criteria'. For the classification labels, it would be great to have a…
1 vote -
Option to Display Warning Message to Users in Access Policy Monitoring Mode
It would be great to allow admins the option to display a "warning message" to users if they attempt an action that is in violation to the policy when the policy is in monitoring mode. Understanding that monitoring doesn't prevent the user from taking the action, it would still be a good tool for soft launching access policies if the option to display a message was available.
1 vote -
Folder path for Malware
Add folder path to the exclusions of the malware scan with Shield. Use case is around safe samples of Malware being housed in Box
7 votes
- Don't see your idea?