Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
217 results found
-
Smart Access: Allow move/copy even with download restriction
Download restriction restricts external users (editor permission) from moving content within folders they have access to. There should be an option to restrict download but also allow for moving and copying within folders that have the classification policy because to an end user, this is not a download function.
1 vote -
Shield access policy customization - inclusion/exclusion list for downloading files
Interested in an inclusion/exclusion list FOR downloading files, as part of a Shield access policy.
Ex: If Owners/Co-Owners/Editors are OK to download they want control the file types they can download. I know you can control this by just creating a separate classification and policy but that could cause too many of them. Better to create an filetype inclusion list
0 votes -
Priority of classification policies in combination with shield detection rules
Hi,
I can currently prioritize classification policies. Unfortunately, the classifications used in this way categorically overwrite those created with box shield's access policies.
For example: I have a classification only with shield access policies.. high confidential. This includes external collaboration restriction, download and print restriction.
It will be set manually on the desired folders. All files in this folder are now protected
Now i also have a classification with classification policies like credit card number or IBAN code. This should inform user automatically that there's a file with (maybe) protectable content.
This overwrites the classification which is manually set on…1 vote -
Shield Classification based on keywords or text terms
Shield auto-Classification on keywords or terms
1 vote -
Add Smart Access Security Control to cap external user permissions
Add the ability to cap external access. Example; restrict external users to Viewer/Uploader rights or below; or Viewer and below (e.g. Read Only).
1 vote -
Option for Shared Link Restriction on new links only
We would like the option to apply the shared link restriction to "new links only" so that current links are not overwritten. This would be similar to the External Collaboration Restriction option to apply to "only new external collaborations"
1 voteNot on the roadmap for FY25, will evaluate for FY26
-
Auto Classification Based Off Uploader
Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential
1 vote -
Limit the rights of users who can change classification labels.
■Background
We are currently using Box Shield to control the public scope of shared links.
Currently, co-owners would still be able to use the classification labels even if they are set to "Owners/co owners" in the below settings.We want to make sure that only the owner can set classification labels.
■Details
Classification labels can be configured with "Admin console>Classification".
When the Box administrator clicks on Settings, the following settings are available:
Classification settings
Only allow selected permission types to modify classifications on content.
See collaboration permission chart.
Link:https://support.box.com/hc/en-us/articles/360044196413・Owners/co owners
・Owners/co owners and editors
・Owners/co owners, editors, and…1 vote -
PCI Compliance
As a user in an industry which must be PCI compliant,
I want content flagged by Shield as containing PCI content to not be included in the full-text search index,
So that our Box environment can be PCI compliant without having to disable full text search for the entire environment.1 vote -
Device Pinning as a condition for "Download Restriction"
Wondering if "device pinning" can register details of devices utilized by the user and allows/disallow the login from it. Why cant it be used as a condition under "Download Restriction". MDM solutions are not yet fully matured to cover all & frequently changing devices types .
1 voteDynamic Device Trust as a condition for Download restriction is on the roadmap.
-
Preventing Business file leak from Private folder.
Box in our tenant provides a "Private folder", to every user, which doesn't allow the user to add collaborators. User can, however, use box link to share files with others.
In a corporate setting, this folder is supposed to be accessible only by its respective owner( an employee), On an exit of the employee from the organisation, the private files in the folder may be allowed by the organisation to be copied/taken by the employee along. However, at the same time, it must be ensured that the business files are not stored in this folder to avoid leakage.
I suggest…
1 vote -
Return character in Classification Definition
Currently "Classification Definition" can be written with 'return character' in its input form. But when this "Classification Definition" is shown to the user, 'return character' is being ignored and is shown in one line.
Definition needs to be shown in the same way it was written / configured, and also needs to be shown in several lines when required (e.g. written in multiple languages where each language's definition needs to be shown in each line, instead of all in single line).
1 vote -
Using Smart Access
When entering a List when creating a Shield Smart Access Policy, have drop down appear that shows all available lists with short descriptions so the user doesn't have to try to remember the names of the lists they created or what they generally contain.
1 voteNot planned in near term
-
Granular permissions per user for sharing public links/classified documents
The administrator should be able to set the default classification for all new documents (e.g. For Official Use).
Each user should be able to set their own default classification (which will override the system setting (e.g. Classified).
Each user should be able to change the classification for any new or existing document where she has sufficient rights. For existing documents, she should also be able to select multiple documents, and then change the classification for all those documents in one go.
1 voteDefault classification label is not planned because it could be misleading to end users. However, to address the concern of content being leaked before it is classified, you can create an access policy applying to “All content without a classification label” in Box Shield.
-
Events API - Add Policy Name to CONTENT_WORKFLOW_UPLOAD_POLICY_VIOLATION
Currently, when an Upload Policy violation occurs, Box reports on that violation in 3 ways:
1. Email notification
2. Admin Console -> Reports tab
3. Events APIIn the email notification and admin console->reports, Box provides the policy name for which the violation is occurring. However, Box does NOT include the policy name in the Events API entry, which causes a problem when we are pulling logs (via the Events API) into external reporting/SIEM tools like ArcSight/Splunk.
Request: Add 'Policy Name' to the CONTENTWORKFLOWUPLOADPOLICYVIOLATION entry in the Events API (to reach parity with the native Admin…
1 vote -
Privileged user audit controls
We would like to request a feature enhancement please to provide a new email alert to be triggered to a specified group of users when a global enterprise search is performed by a privileged Box admin user from the Box admin console.
We had an insider attack last year which included theft, abuse of privileges, credit card fraud and more. One of the methods he used was to perform enterprise level searches (credit cards, passports, drivers licences) across the whole Box environment.
Whilst we can manually look for these events via a report, this is far to slow to catch…
0 votes -
Selectively disable syncing to mobile and desktop based on content classification and/or user group.
0 votes
- Don't see your idea?