Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
215 results found
-
Additional info in Anomalous Download Shield e-mail notifications
It would be very helpful to see "Previous weekly download amount", "anomalous download amount" and the "delta" on Anomalous download e-mail notifications. We use these to identify notifications that require further investigation, but these are only available by clicking into the reports which make this kind of detection difficult to scale and manage.
1 vote -
Enhanced Auto Classification and File Criteria for All File Types in Box
We would like to have the ability to specify all file types in the file criteria for auto classification. Since there is currently no way to cascade classifications to all files excluding folders (categorizing confidential info on a file-by-file basis), I would like a feature where all files can be classified.
With the current individual extension specifications, it is not possible to use wildcard characters, so we would like to reduce the potential for information leakage due to intentional extension changes.
2 votes -
File criteria exclusion list for Box Shield classification policies
When setting up classification policies, Omnicell, Inc., would like to be able to create a list of custom terms to exclude, in addition to the existing ability to designate file criteria that will trigger application of a classification label. This would reduce the number of documents that will incorrectly have a classification applied when auto-classification is enabled. For example, Omnicell has a lot of content with dummy PHI in their environment - this content is allowed to be stored in Box and should not be classified; however, they also want to protect actual PHI that may be stored in Box,…
2 votes -
Allow for exceptions on the Download and Print Restriction security control.
Allow for exceptions on the Download and Print Restriction security control.
We want to restrict users from downloading files that have been identified as having PII. However, we would like a mechanism to allow users that have a business reason to download files. Either through a 'User Justification' similar to the 'External Collaborators Restriction' security policy or an approval workflow.
1 vote -
Ability to scope Malicious Content Rules by User/Group/Shield Lists
Currently malicious content rules apply to all users. To test moving from an audit/detection-only stance to enforcement, it would be useful to be able to create multiple rules that are scoped to specific users/groups/Shield Lists.
This will allow us to keep most users in an audit/detection-only rule, while we test enforcement with a pilot group in another rule.3 votes -
Allow groups to be specified as 'notified to' in Box Shield Threat Detection Rules
Only user accounts can be specified for the 'Notification Destination' of the Threat Detection rules in Box Shield.
Since maintenance is required when the person in charge changes, it should be possible to specify a group.■In Japanese:
Box shieldに存在する検出ルールの「通知の送信先」は、ユーザーアカウントのみが指定できます。
担当者が変わったときメンテナンスが必要になるので、グループを指定できるようにしてください。1 vote -
Exclude file movement in Box Drive from Box shield's anomalous download detection
When I move a folder with multiple files stored in Box Drive, Box Shield's anomalous download detection works.
Since the purpose of the detection of anomalous download is to detect downloads that are taken out of the system, this specification is not the behavior we are looking for.
Therefore, I would like to see Box Shield exclude moving files in Box Drive from the detection of anomalous download.In Japanese:
Box Driveで複数ファイルが格納されているフォルダを移動すると、Box Shieldの「異常なダウンロード」検知が動作してしまいます。
異常なダウンロード検知の目的は、ダウンロードによる持ち出しの検知なので、この仕様は求めている動作ではないです。
そのため、Box Driveの移動はBox Shieldの異常なダウンロード検知の対象外にしてほしいです。25 votesThe Box Shield Product team is researching the ask.
-
The "Application Restriction" should be configurable with the same granularity as the "Download and Print Restriction".
(Japanese follows English)
In the "Download and Print Restriction" section of Box Shield's Access Policy, it is possible to apply download, print, move and copy restrictions to Browser/Mobile/BoxDrive by specifying Managed/Outside Users and Owner/Co-Owner/Editor.
On the other hand, third-party applications are not included in this restriction, and only downloads can be restricted under "Application Restrictions".
We would like to be able to set "Application Restriction" to the same granularity as "Download and Print Restriction, as it provides a more consistent user experience if the same controls are applied regardless of which device or application is accessing the site.
Box Shieldのアクセスポリシーの「ダウンロードと印刷の制限」でブラウザ/モバイル/BoxDriveに対してダウンロードや印刷、移動、コピーの制限を管理対象/外部ユーザや所有者/共同所有者/編集者を指定して制限を適用することが出来ます。…
11 votes -
Improvement of anomalous download
At the present, Anomalous download can't detect the external user's behavior.
I think it is the risk of data leakage.
I want to detect anomalous download of external users who is invited my tenant.
thanks5 votes -
Shield access policy to restrict shared link creation
Have the option to restrict shared link creation with Box Shield access policy
1 vote -
Auto Classification policy does not work when folders are copied or moved
We would like to improve the behavior so that the auto-classification policy works correctly for files within the folder, even if the folder is copied or moved.
【Details】
Currently, the Auto Classification policy works correctly when files are copied or moved, but not when folders are copied or moved.
For example, if a ".dwg" file is stored in the "Technical Information" folder, there is an automatic classification policy that assigns the label "Technical Information" (not for external collaboration).
In this case, when a file with a .dwg extension is moved from the "Outside Shared" folder, it is automatically assigned the…32 votesUnfortunately classifying child items upon move/copy operations of the parent folder is not being considered at this time.
-
Secure admin only download of 'malicious' files for analysis
Admins should be able to download Box Shield tagged malware without marking the file safe for everyone. That way a security admin could download the file and scan it with their own security tools. That’s the only real way to diagnose if a file is malicious or just a false positive.
Asking us to mark it safe by chatting with the user is far from best practice
1 vote -
internal collaboration
Add a "Internal Collaboration Restriction" option for Box shield access policy. My company uses file classifications that are intended to inform users so that they know to restrict sharing of files to only those who need to know. It would be great to use the justification feature that already exists in the External collaboration restriction but within our domain.
1 vote -
Display settings for classification labels
We would like to be able to temporarily not display (not disclose) classification labels within a tenant after they are created, but in that case, we need to delete all classification label settings, and it is time-consuming to set them each time, so we would like to be able to select whether to show or hide them.
2 votes -
Wish to improve the custom terms in the classification settings to include the string custom term + string in the search.
The following rules apply to custom terms in the classification settings:
[Reference]
Also, the characters surrounding any match must be of a different type (letters or digits) from the adjacent characters within the word. For example:if the policy looks for "Acme-Internal", the scan will match on "Acme Internal", "acme-internal", "Acme - Internal", "Acme (INTERNAL)", "Acme: Internal", "728Acme-Internal", "Acme - Internal728", "Acme-Internal-728", and so on, but not "Acme-Internalization", or "Acem-Internal".
if the policy looks for "AcmeInternal", the scan will match on "acmeinternal", "AcmeINTERNAL", "AcmeInternal4u", and so on, but not "Acme Internal", "Acme_Internal", "AcmenInternalization", "Acme"[Request]
Japanese is a language in…1 vote -
Provide an exportable report for Shield Admin for each Anomalous Download alert
Every time an anomalous download alert is received, IT would ideally want to share a readily available report (XLSX / CSV) with the affected user's manager as they would know far more about the content and whether this is abnormal behavior. As it stands today, if the alert is not big then a manual list of folders / files is provided, or we have to run a User Activity Report (which can take some time) and then filter and cut down accordingly.
5 votes -
Separate download and print restrictions
We would like to use download and print restrictions in Access Policy separately.
Flexible configurations are required, when we handling sensitive files in Box.ex. We don't want to allow them to edit, but I do want to allow them to print.
5 votes -
Better information on Alert Information for Location Detection Rules
Please add the country below the IP on a Shield Alert Email for Allowed countries Detection rules notification. This keeps us from having to log into box to see what country the violation occurred in..
3 votes -
Classification labels are also applied to partial matches for words set in "Custom Term"
Classification labels are also applied to partial matches for words set in "Custom Term"
カスタム用語で設定された単語が部分一致した場合にも分類ラベルを適用内容
Classification labels are assigned only when an exact match is registered in the file for the file condition "custom term" in the Management Console > Classification > Classification Policy.
If you want to assign a classification label to a partially matched term, you need to register all the terms in the "custom term".
To save time and effort in registering, please improve the system so that classification labels are assigned even when partially matching words are found in the file.<Japanese>
管理コンソール>分類>分類ポリシーのファイル条件「カスタム用語」について完全一致した語句がファイル内に登録されている場合のみ分類ラベルが付与される
部分的に一致している語句も分類ラベル付与対象としたい場合、すべての語句を「カスタム用語」に登録する必要がある
登録する手間を省くため、部分的に一致した語句がファイル内に記載されている場合も分類ラベルが付与されるように改善してほしい1 vote -
Whitelisting file types in Malicious Content scanning in Box Shield
We are currently seeing a large number of non-malicious files being marked by Deep Scan as malicious, resulting in a lot of false positives. These are files such as .gif or .doc. The primary way to reduce the false positive rate would be to improve Deep Scan's scanning capability. However, I think it would also be beneficial to be able to exclude certain file types that are unlikely to include malware (e.g. .gif) from being scanned.
3 votes
- Don't see your idea?