Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
209 results found
-
Anomalous Download Alerts for external users
For the Anomalous Download Alerts, I would like it to apply to external users too so that if they are invited to our tenant's folder and they start downloading a lot I get an alert.
14 votes -
group admin to receive Shield alert and see shield dashboard
I would like to have group admin to be able to receive the Shield alert and also be able to see the Shield dashboard.
This is because currently the security team is not a co-admin but just a group admin and they would like to see alert from Shield14 votes -
Make Shield Lists Accessible via API
Shield lists are not currently editable using an API endpoint. In order to make it possible to automate adding and removing entries to lists, I suggest making it possible to create/view/edit/delete shield lists using the Box API.
14 votesNot a priority. Will revisit in 6 months.
-
Set default classification for all uploads with Box Classification
When every file is uploaded, set a default Classification value that can be updated manually or via a partner (Netskope, SkyHigh, Titus, etc.).
13 votesDefault classification label is not planned because it could be misleading to end users. However, to address the concern of content being leaked before it is classified, you can create an access policy applying to “All content without a classification label” in Box Shield.
-
Require Co-Admin privileges to change a Shield Classification Label
Require a user to have Co-Admin privileges in order to change an existing classification label. This is to prevent even Owners the ability to change the classification label to a lower security level once it's been set.
11 votes -
The "Application Restriction" should be configurable with the same granularity as the "Download and Print Restriction".
(Japanese follows English)
In the "Download and Print Restriction" section of Box Shield's Access Policy, it is possible to apply download, print, move and copy restrictions to Browser/Mobile/BoxDrive by specifying Managed/Outside Users and Owner/Co-Owner/Editor.
On the other hand, third-party applications are not included in this restriction, and only downloads can be restricted under "Application Restrictions".
We would like to be able to set "Application Restriction" to the same granularity as "Download and Print Restriction, as it provides a more consistent user experience if the same controls are applied regardless of which device or application is accessing the site.
Box Shieldのアクセスポリシーの「ダウンロードと印刷の制限」でブラウザ/モバイル/BoxDriveに対してダウンロードや印刷、移動、コピーの制限を管理対象/外部ユーザや所有者/共同所有者/編集者を指定して制限を適用することが出来ます。…
11 votes -
Restrict Collaboration for Individual External User
Customer would like to have the ability to block individual external users from collaborating on their enterprise content. The external domain allow list is too broad if only one or two external users need to be blocked from collaborating on content.
11 votesNot on the roadmap for FY25, will evaluate for FY26
-
Box Shield Dashboard "Next" and "Back" button in Alert ID page
When looking at the specific Alert ID page, I would like to have a "Next" and "Back" page so that I can go to the next Alert ID page. This is because when I get the alert ID result through the filtering and I go back to the Shield Dashboard, the filtering is reset so I need to set the filtering again to see the other Alert ID I wanted to see.
10 votes -
Add Anomalous Deletion Activity Alerting to Shield
Detect and alert if a user deletes an unusual number of files / folders
10 votesThe Box Shield Product team is researching the ask.
-
Folder path for Malware
Add folder path to the exclusions of the malware scan with Shield. Use case is around safe samples of Malware being housed in Box
9 votes -
Ability to customize Box Shield Malware scan messages
Ability to customize the email alerts that are sent for Box Shield Malware scan when detected. Would like the ability to customize the email alerts that are sent to end users when malware is detected on content uploaded.
Use Case: Customized messaging allows the customer to provide instructions or further details on what users need to do next when they receive the alert. Customer wants to notify end users on the internal process to ensure that the proper steps are taken.
9 votes -
Take action on user based on Threat Detection Shield Rule
Extending threat detection ALERTS to take action on a user's access would be very valuable. I've heard lots of customers request having a user's account deactivated if they access Box from a suspicious location. Right now, there is not a way to do this through the core Box application, it has to be done through custom scripting or with another tool.
9 votesAutomatically logging user out from suspicious locations is on the roadmap for FY23.
-
Geo Restricts for External Collaborators
Implement a Shield Geo-fencing control that would disable access to Box folders for External Collabs when they try to access Box content from abroad.
8 votes -
Shield Dashboard custom date filter
In the Shield Dashboard, currently the date filter only have past 1 day, 7 days, 30 days, 60days and 90days.
I would like a custom date filter because there are times where I need to search a content 3 days ago but if I set the filter at 7 days, there is too much content to search the specific alert.8 votes -
Alert if classification label is changed
Send a notification when a classification is changed. When a classification is changed for a piece of sensitive content, there is currently not an alert or notification generated. Reporting capabilities on any changed classification labels are also important.
8 votes -
Enable Smart Access automated classification in Box to support optical character recognition (OCR)
Enable automated classification in Box to support optical character recognition (OCR), so Box can extract and consider text embedded in images.
8 votes -
Access policies for individual folders
Would it be possible to set up access policies that can be applied per-folder instead of by Classification label?
We have Ethical Walls and security concerns where we need to prevent sharing of files of Client A with Client B and also with preventing individual users from being shared folders.
One way to do this would be classification policies - but I have far more clients than the twenty five label limit.
The way around this would be to allow access policies by folder, regardless of classification, as well as the Box-wide access policy for unclassified content.
Client A -…
8 votesThe feature is being evaluated for FY25 roadmap
-
Block file extensions lists in Shield malware detection
As part of Governance it is possible to move certain file types to a Quarantine folder. This is useful for a lot of ransomwares, as they change the extension of files.
Currently this "old" functionality has not yet been moved to Shield. Shield does have a malware detection, which uses threat detection technology. We would like to have the ability to extend this with a list of known extensions.
8 votes -
Whitelisting Access Using Managed User Groups
Companies frequently hire contractors and provide them with company email addresses to access internal networks and applications. This creates an issue with contractors having visibility into an entire folders and not just the projects/folders that apply to them. Shield's whitelisting capabilities allow us to limit external email domains, but because contractors are given a company email domain the whitelisting capabilities do not apply.
We would like to be able to create a "Consultants" Managed User Group and whitelist access to break waterfall permission for internal Managed User Groups.
8 votes -
Shield enhancement against EID-to-EID content move / copy
Need the ability to generate a Shield alert when someone copies or moves content from one EID repository to another EID; to include any movement of content via the api.box.com utilizing cURL or other CLI.
8 votesThis type of detection is something we want to investigate further. We are in the midst of getting additional feedback on this topic as the team works on other Threat Detection enhancements.
- Don't see your idea?