Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
217 results found
-
Shield enhancement against EID-to-EID content move / copy
Need the ability to generate a Shield alert when someone copies or moves content from one EID repository to another EID; to include any movement of content via the api.box.com utilizing cURL or other CLI.
8 votesThis type of detection is something we want to investigate further. We are in the midst of getting additional feedback on this topic as the team works on other Threat Detection enhancements.
-
Ability to send Shield alerts to a Pager Duty email address for email integration.
It looks like I'm only able to notify users who are Shield co-admins whenever an alert is created. I would like to send alerts to a Pager Duty email address for email integration.
I would like to avoid creating a separate user for the purposes forwarding emails to pager duty. I would also like to avoid creating a forwarding rule on my own inbox.
Is it possible to send Shield alert notifications directly to non-user email addresses? If not, is this something the Box team is working on or can consider implementing?
8 votes -
Box Sheild - Improved alert policies
We are based out of the US but have a few users based out of other countries. As of now, every time they access Box we get an alert for a suspicious login location. We can exclude the entire country, which we do not wish to do or we can exclude a specific IP. It would be great if we could create a IF THEN statement. Example: IF user = *@specificdomain.com AND location=specific country THEN SuspiciousLocationAlert=False.
To summarize, additional configuration of alerts would be very beneficial.
7 votes -
Access Control Restrictions by user
As a administrator, I would like the ability to turn off certain Access Control Restrictions across all collaborators vs. limiting it to specific collaborator roles.
Example:
Download / Print Restrictions.we would still like users to leverage the app but, not allow them to download/print to their mobile device. Yes, the app function can be disable enterprise-wide but, we want to limit it to a specific function within the mobile app regardless of their collaborator role.
7 votes -
Block single user
Our security has deemed a single email as suspicious. We would like to block this single email from connecting to our Box, or being collaborated into our Box.
With Shield we can block the whole domain, but that approach is too broad and would limit too many valid email addresses.
7 votesNot a priority. Will revisit in 6 months.
-
"Smart Access: Download restriction" for G-Suite
We want "Smart Access: Download restriction" to control the download/printing capability of G-Suite apps. We want the integration just like office online which restrict download/print on office online apps.
For security perspective, we want to minimize the risk of data breach, so we are planning to store the confidential files on box and restrict the content to be downloaded to the devices. However currently if user opened the files on G-Suite, the files can be downloaded or printed.
7 votes -
Shield reports suspicious IP location when opening files through O365. Adds lots of unnecesary noise
In Shield, when a user previews/opens a file to Office Online it tracks as a suspicious IP location. It would be great if it could be separated and designated a lower priority than a genuine account compromise. Just a suggestion to clean up the Shield alert queue
7 votes -
Provide an exportable report for Shield Admin for each Anomalous Download alert
Every time an anomalous download alert is received, IT would ideally want to share a readily available report (XLSX / CSV) with the affected user's manager as they would know far more about the content and whether this is abnormal behavior. As it stands today, if the alert is not big then a manual list of folders / files is provided, or we have to run a User Activity Report (which can take some time) and then filter and cut down accordingly.
6 votes -
File version on Shield Alert
I would like to have the actual file version shown in the Shield Dashboard Alert ID. Currently it shows when the file is uploaded but does not show the file version. If the version is shown, it would be much easier to check the file.
6 votes -
Box Shield threat detection email alerts to include complete details
Include complete incident information with the thread detection email alerts. This will make it easy to share the information with others who do not have access to Box Shield admin portal, and will also eliminate an extra step of logging into admin portal for those receiving and triaging the alerts.
Use case: infosec team receives a Box Shield malicious content alert, identifies it as needing action, and passes it to the endpoint management team for mitigation.6 votes -
We are unable to respond when Geodetection alerts are triggered. Would greatly appreciate ability to prevent access.
We have had a # of Geodetection alerts from users with unexpected IP addresses accessing shared links. Currently, we are unable to block these users, so we can only remove files after the fact. Our security team is requesting an ability to prevent this access (potentially with an ability for admins to override and allow the access).
6 votesTo be delivered October/November 2023.
-
Add classification columns to Collaboration and Shared Link Reports
Add columns to the Collaboration and Shared Link reports to display file/folder classification
6 votes -
Allows the report to see the classification labels that have been applied in the past
In the User Activity Report, when a classification label is changed, it is logged. However, it does not record from which label was changed to which label..
One user currently sets the privilege to edit classification labels to editors (general employees). However, the more users with editing privileges, the greater the security risk. The only way to avoid this risk is to limit the scope of editing privileges to the owner or co-owner (superior). In that case, it would be too inconvenient, since it would be necessary to apply to the superior for a change in the classification label.
By…5 votes -
Filter Marked as safe
Shield needs a filter and a display setting for the dashboard for an alert that have been checked and marked as safe, currently it is hard to identify alerts that have been checked by other admins and marked as safe causing duplicate effort.
5 votes -
Improvement of anomalous download
At the present, Anomalous download can't detect the external user's behavior.
I think it is the risk of data leakage.
I want to detect anomalous download of external users who is invited my tenant.
thanks5 votes -
Separate download and print restrictions
We would like to use download and print restrictions in Access Policy separately.
Flexible configurations are required, when we handling sensitive files in Box.ex. We don't want to allow them to edit, but I do want to allow them to print.
5 votes -
Whitelisting file types in Malicious Content scanning in Box Shield
We are currently seeing a large number of non-malicious files being marked by Deep Scan as malicious, resulting in a lot of false positives. These are files such as .gif or .doc. The primary way to reduce the false positive rate would be to improve Deep Scan's scanning capability. However, I think it would also be beneficial to be able to exclude certain file types that are unlikely to include malware (e.g. .gif) from being scanned.
5 votes -
Mark file as safe across entire enterprise
We have a file stored in multiple (hundreds of) locations across our Box enterprise and it regularly gets falsely flagged as malicious. We mark it as safe each time, for each location. It would be nice if there was a way to mark the file as safe for ALL locations in our Box enterprise at once. The file is identical name, size, and hash in each location so marking it as safe once instead of hundreds of times would be very much appreciated.
5 votes -
If the access policy restricts download and printing, Excel files cannot be co-edited with MS Excel Online
Excel files cannot be co-edited in MS Excel Online if the access policy restricts downloading and printing.
One of the purposes of using Excel Online is co-editing.
I would like to be able to co-edit in a situation where downloads are restricted.5 votes -
Ability to exclude domains from autoclassification trigger
As a user, I want to be able to exclude my company domains from the Shield email address autoclassification trigger, so that policies are not being applied to internal emails, just external PII
5 votesNot a priority. Will revisit in 6 months
- Don't see your idea?