Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
209 results found
-
Shield Shared Links: Password Requirement
Passwords for public links are wonderful, however, the capability to enforce all links (even those with internal or collaborator scope) would be beneficial for users and content security. If this password requirement could be tied to classifications as an access policy, that would make it increasingly difficult for negligent or malicious actions on Box content. Currently, we can only decrease the scope available for shared links, but by requiring a password, there will be additional adoption for Box and Shield, especially within highly regulated industries that require external or public distribution of content.
43 votes -
Shield Malware Threat Detection False Positives on Excel Documents with Macros
Multiplan (160k ARR) turned on Malware Deep Scan and was getting 3-5 false positives per day because users across multiple departments often work on Excel Documents with Macros. Due to their process, users need to upload new versions of these Excel documents daily (they cannot use Version Control to handle this). So the IT team is being pinged every time a new version is added. This has been so overwhelming that the IT team has turned off Malware Detection. They will enable again if Macros are not accidentally flagged as potentially malicious.
38 votesThe team is evaluating the current model supporting Deep Scan to understand ways to improve detection on Microsoft file types.
-
Support for Regular Expression (REGEX) for Auto-Classification in Shield
We would like the ability to support Regular Expressions (REGEX) for creating auto-classifications rules in Shield. This would greatly enhance how much we can leverage the capability
35 votes -
Require approval when sharing content with a business justification
Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.
34 votesNot on the roadmap for FY25, will evaluate for FY26
-
Shield Alert - mark as resolved
On the dashboard for Shield, you see a list of alerts generated through threat detection policies. We'd like to see the functionality where end users could mark an alert as seen and/or resolved so everyone who monitors the Shield alerts would know whether it's been resolved or open. This is similar to a ticketing system, but a simple notes body on the alert where someone could put an explanation of their response to the alert would greatly enhance visibility and drive better usability. Thanks!
33 votesWe are investigating the best options to implement this into our Threat Detection alerts and dashboard.
-
Auto Classification policy does not work when folders are copied or moved
We would like to improve the behavior so that the auto-classification policy works correctly for files within the folder, even if the folder is copied or moved.
【Details】
Currently, the Auto Classification policy works correctly when files are copied or moved, but not when folders are copied or moved.
For example, if a ".dwg" file is stored in the "Technical Information" folder, there is an automatic classification policy that assigns the label "Technical Information" (not for external collaboration).
In this case, when a file with a .dwg extension is moved from the "Outside Shared" folder, it is automatically assigned the…32 votesUnfortunately classifying child items upon move/copy operations of the parent folder is not being considered at this time.
-
Shield alert to show more than 90 days
Currently the Shield dashboard only show up to 90 days of alerts.
I would like to have the option to have all of the past alert and be able to filter it by custom date filter.31 votes -
Sheild > [Download and Print Restriction], if "For Box Desktop" is enabled, the Office co-editing function should be available via a browser
Sheild > [Download and Print Restriction], if "For Box Desktop" is enabled, the Office co-editing function should be available via a browser.
We have applied Box Shield's [Download and Print Restriction] to "For Box Desktop" and [Microsoft Office Coauthoring Basics] via browser is also disabled.
Microsoft Office Coauthoring Basics] via a browser is also disabled.
Similarly, Office co-editing functions that are opened via a browser should not be restricted, since access in BoxEdit is not restricted.
Errors in opening the file in the browser cause confusion for the user.
Also, please add the following explanation to the Access Policy Settings…29 votes -
Box Shield - reporting option within UI to export past Threat Detection Alerts
In addition to the Shield Dashboard, an option to export all past threat detection alerts
27 votesThis feature is something we want to bring with Shield. The team has developed a plan for Shield to support this functionality on the backend, but the feature is not on our immediate roadmap. We will continue to build out our plans to bring this to customers as the team works on our current roadmap.
-
Shield Dashboard to search files
I would like to have a feature in Shield Dashboard to search files to malware deep scan result. This is because the admin receive feedback about a specific file from end users and so the admin would like to check that file easily from the dashboard.
25 votes -
Increase the maximum number of Shield Classifications beyond 25 so that we can classify each clients content to prevent mis-sharing
I would like to see the ability to add Shield Classifications per client - with the appropriate access policy (restricting to client email domain) we could avoid any possibility to overshare when inviting the wrong clients into a folder or sharing a shared link - There is a maximum number of classifications of 25 so could this be extended to facilitate this use case/control.
25 votesWe will have a different solution to address the use case.
-
Exclude file movement in Box Drive from Box shield's anomalous download detection
When I move a folder with multiple files stored in Box Drive, Box Shield's anomalous download detection works.
Since the purpose of the detection of anomalous download is to detect downloads that are taken out of the system, this specification is not the behavior we are looking for.
Therefore, I would like to see Box Shield exclude moving files in Box Drive from the detection of anomalous download.In Japanese:
Box Driveで複数ファイルが格納されているフォルダを移動すると、Box Shieldの「異常なダウンロード」検知が動作してしまいます。
異常なダウンロード検知の目的は、ダウンロードによる持ち出しの検知なので、この仕様は求めている動作ではないです。
そのため、Box Driveの移動はBox Shieldの異常なダウンロード検知の対象外にしてほしいです。24 votesThe Box Shield Product team is researching the ask.
-
Allow bulk action on Shield malicious content alerts
Allow bulk action on BoxShield malicious content alerts. We have seen an extremely high rate of positives. Individually marking files as safe is not scalable, and need to be able to do bulk updates.
24 votes -
Export Control (ITAR/EAR) support by Box Shield (Increase the maximum number of Shield Classifications & Applying a classification label to
In the case of having global offices/teams, contents related to Export control are dispersed globally. However, the contents need to be in compliance for Export control.
The following two enhancements work well for supporting ITAR/EAR with dispersed contents in one Box entity:
1. Increase the maximum number of Shield Classifications - There is a limitation Classification (it's 25) now. To create combination label via country-base for ITAR/EAR, it requires a larger number of classifications.
2. Applying a classification label to a specific group - this ability is required to support large number of Classification (above enhancement).23 votes -
block an upload by external user using Box Drive with smart access
The current Shield feature only controls downloading, cannot blocks uploading/syncing and is not ransom-proof. The biggest problem is that when external users use BoxDrive and BoxSync, ransomware-infected files are uploaded/synchronized on Box.
21 votes -
Box Shield Delete Restriction Security Control
Adding an additional Shield security control to restrict the ability of Editors to send content to Trash would be a great way to fill the gap between Viewer Uploader and Editor permissions. One of the primary use cases for Viewer Uploader is the ability to collaborate on content without being able to delete that content but in its current state, Viewer Uploaders are also restricted from other important collaborative features like inviting collaborators.
19 votes -
Allow Box Relay functionality when access policies are applied in Box shield
There is an issue where Box Relay functionality is restricted when applying access policies in Box shield.
This is not the behavior that Box users expect and is very inconvenient, so please improve it.[Cases in which restrictions occur]
・Access Policy > Security Controls > Downloading and Printing Restrictions > Insert settings for internal use.
※[For Box web apps]・[For Mobile]・[For Box desktops] Enter one of these settings.
・Errors occur when Box Relay is run from an environment that differs from the access policy behavior.。Example)
・Set only mobile access policy for internal use.
・Triggering the Box Relay:upload、Result:Set up a…19 votes -
Allow Shield List of Countries Usable for Access Policies
There may be certain countries a Box customer may be prohibited from sharing with under any circumstance. I suggest making it possible to whitelist or blacklist entire countries by allowing Shield Lists of countries to be included in Access Policies.
19 votesNot a priority. Will revisit in 6 months.
-
Shield classification user permissions
Request to make classification application settings specific to the classification. Currently, the setting for who can apply/remove a classification is for all classifications, but there are cases where it would be helpful that a classification to be only applied by owners and other where co-owner, or even editor would be allowed to apply certain classifications.
Examples:
1. A classification tied to a Shield access control rule that only owners can apply or remove
2. A classification tied to a Shield access control rule that owner/co-owners can apply or remove
3. A classification identifying a type of content that owners/co-owner/editors can…18 votesNot a priority. Will revisit in 6 months.
-
Access policy prohibiting copying and moving to external folders(gray folders)
Current Status and Issues:
Currently, when a file or folder with a classification label is copied or moved to a gray folder, the classification is lost and the associated access policy stops working.
The only way to prevent this is to prohibit the move or copy itself by attaching a DL inhibit label.Desired improvement:
Please add "Prohibit copying to gray folders" to the access policy so that it can be set for each classification label.Why it is needed:
Because some customers are not attracted to Shield due to the above problem.
Also, setting a "no download" label would…16 votes
- Don't see your idea?