Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
197 results found
-
Allow custom Shield classification order
As a user, when I apply a classification, I want to see them in order of sensitivity, as opposed to alphabetical
4 votesNot a priority. Will revisit in 6 months.
-
Priority of classification policies in combination with shield detection rules
Hi,
I can currently prioritize classification policies. Unfortunately, the classifications used in this way categorically overwrite those created with box shield's access policies.
For example: I have a classification only with shield access policies.. high confidential. This includes external collaboration restriction, download and print restriction.
It will be set manually on the desired folders. All files in this folder are now protected
Now i also have a classification with classification policies like credit card number or IBAN code. This should inform user automatically that there's a file with (maybe) protectable content.
This overwrites the classification which is manually set on…1 vote -
Make Shield Lists Accessible via API
Shield lists are not currently editable using an API endpoint. In order to make it possible to automate adding and removing entries to lists, I suggest making it possible to create/view/edit/delete shield lists using the Box API.
13 votesNot a priority. Will revisit in 6 months.
-
Allow Shield List of Countries Usable for Access Policies
There may be certain countries a Box customer may be prohibited from sharing with under any circumstance. I suggest making it possible to whitelist or blacklist entire countries by allowing Shield Lists of countries to be included in Access Policies.
18 votesNot a priority. Will revisit in 6 months.
-
Shield Classification based on keywords or text terms
Shield auto-Classification on keywords or terms
1 vote -
Box Shield - reporting option within UI to export past Threat Detection Alerts
In addition to the Shield Dashboard, an option to export all past threat detection alerts
24 votesThis feature is something we want to bring with Shield. The team has developed a plan for Shield to support this functionality on the backend, but the feature is not on our immediate roadmap. We will continue to build out our plans to bring this to customers as the team works on our current roadmap.
-
Block file extensions lists in Shield malware detection
As part of Governance it is possible to move certain file types to a Quarantine folder. This is useful for a lot of ransomwares, as they change the extension of files.
Currently this "old" functionality has not yet been moved to Shield. Shield does have a malware detection, which uses threat detection technology. We would like to have the ability to extend this with a list of known extensions.
8 votes -
Require approval when sharing content with a business justification
Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.
33 votesNot on the roadmap for FY25, will evaluate for FY26
-
Add Smart Access Security Control to cap external user permissions
Add the ability to cap external access. Example; restrict external users to Viewer/Uploader rights or below; or Viewer and below (e.g. Read Only).
1 vote -
We are unable to respond when Geodetection alerts are triggered. Would greatly appreciate ability to prevent access.
We have had a # of Geodetection alerts from users with unexpected IP addresses accessing shared links. Currently, we are unable to block these users, so we can only remove files after the fact. Our security team is requesting an ability to prevent this access (potentially with an ability for admins to override and allow the access).
5 votesTo be delivered October/November 2023.
-
Block single user
Our security has deemed a single email as suspicious. We would like to block this single email from connecting to our Box, or being collaborated into our Box.
With Shield we can block the whole domain, but that approach is too broad and would limit too many valid email addresses.
7 votesNot a priority. Will revisit in 6 months.
-
Shield classification user permissions
Request to make classification application settings specific to the classification. Currently, the setting for who can apply/remove a classification is for all classifications, but there are cases where it would be helpful that a classification to be only applied by owners and other where co-owner, or even editor would be allowed to apply certain classifications.
Examples:
1. A classification tied to a Shield access control rule that only owners can apply or remove
2. A classification tied to a Shield access control rule that owner/co-owners can apply or remove
3. A classification identifying a type of content that owners/co-owner/editors can…17 votesNot a priority. Will revisit in 6 months.
-
Take action on user based on Threat Detection Shield Rule
Extending threat detection ALERTS to take action on a user's access would be very valuable. I've heard lots of customers request having a user's account deactivated if they access Box from a suspicious location. Right now, there is not a way to do this through the core Box application, it has to be done through custom scripting or with another tool.
9 votesAutomatically logging user out from suspicious locations is on the roadmap for FY23.
-
Remove Collaborator Access Policy Security Control in Shield
When creating an access policy in Shield, there needs to be a security control that removes a collaborator after a specific period of time or on a specific date. It would work very similar to the "Invited Collaborators Expiration Settings" option that is available in the Admin Console under the Content and Sharing tab, but would be tied to a classification setting.
4 votes -
Can we get another pop-up screen when Deleting a Shield Access policy to make sure that is the action the admin wants to take?
The 'Delete' and the 'Edit' button are right next to each other on the Shield Access Policy page. When clicking 'Delete' the policy automatically deletes. It is easy to accidentally click instead of 'Edit'. Can we get a second window that asks if that is the action the Admin/ Co-Admin wants to take on the policy?
2 votes -
Support for Regular Expression (REGEX) for Auto-Classification in Shield
We would like the ability to support Regular Expressions (REGEX) for creating auto-classifications rules in Shield. This would greatly enhance how much we can leverage the capability
34 votes -
Option for Shared Link Restriction on new links only
We would like the option to apply the shared link restriction to "new links only" so that current links are not overwritten. This would be similar to the External Collaboration Restriction option to apply to "only new external collaborations"
1 voteNot on the roadmap for FY25, will evaluate for FY26
-
Shield Shared Links: Password Requirement
Passwords for public links are wonderful, however, the capability to enforce all links (even those with internal or collaborator scope) would be beneficial for users and content security. If this password requirement could be tied to classifications as an access policy, that would make it increasingly difficult for negligent or malicious actions on Box content. Currently, we can only decrease the scope available for shared links, but by requiring a password, there will be additional adoption for Box and Shield, especially within highly regulated industries that require external or public distribution of content.
42 votes -
Add classification columns to Collaboration and Shared Link Reports
Add columns to the Collaboration and Shared Link reports to display file/folder classification
5 votes -
Whitelisting Access Using Managed User Groups
Companies frequently hire contractors and provide them with company email addresses to access internal networks and applications. This creates an issue with contractors having visibility into an entire folders and not just the projects/folders that apply to them. Shield's whitelisting capabilities allow us to limit external email domains, but because contractors are given a company email domain the whitelisting capabilities do not apply.
We would like to be able to create a "Consultants" Managed User Group and whitelist access to break waterfall permission for internal Managed User Groups.
7 votes
- Don't see your idea?