Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
249 results found
-
Ability to scope Malicious Content Rules by User/Group/Shield Lists
Currently malicious content rules apply to all users. To test moving from an audit/detection-only stance to enforcement, it would be useful to be able to create multiple rules that are scoped to specific users/groups/Shield Lists.
This will allow us to keep most users in an audit/detection-only rule, while we test enforcement with a pilot group in another rule.3 votes -
Better information on Alert Information for Location Detection Rules
Please add the country below the IP on a Shield Alert Email for Allowed countries Detection rules notification. This keeps us from having to log into box to see what country the violation occurred in..
3 votes -
Create an audit only mode for classification policies
Auto-classification policies can receive an audit only mode similar to Shield Access Policies. Essentially an auto-classification policy in audit only mode will return a list of files that would have triggered an auto-classification upon upload or interaction. Shield administrators can then review the list of files that would have been classified and review for accuracy.
Decreases risk of misclassifying content due to policy misconfigurations.
3 votes -
Block file request via classification / access policy
Currently there is no security control for access policies that allows to block file requests.
We created a classification "external" with the security control "External Collaboration Restriction". However it is still possible that externals upload files to these folders. To us this is also a way of external collaboration. And this also creates the risk of mixing internal and external files in folders that are classified as internal.3 votes -
Control Outbound Collaboration in Box Shield
Box shield collaboration policies only seem to apply to inbound collaboration (i.e. sharing from one's own tenant to an external account). We need the ability to have fine-grained controls on what invites a managed user can accept from external tenants.
3 votes -
Encrypt shield downloads
Encrypted downloads of files flagged as malicious so analysts can safely move files to a sandbox for further analysis.
3 votes -
Permanently mark a file as not malicious
We had a user (with Box Drive) who had a file marked as malicious. She apparently made a change to a local copy and added it back to her folder, causing it to be marked as malicious a second time. In fairness, the hash is different, since the file changed. When I looked at the first event, I ran the file through VT, and the results came back as all clean, so I marked it as not malicious. The user was still not able to access the file. I had to go back into Shield, find the second instance, scan…
3 votes -
Enable "Mark file as safe" in API
Provide an API endpoint to release a quarantine file ("Mark file as safe" in GUI) within box shield.
3 votes -
Restrict users to only some Shield label
Currently you can choose which users can put Shield label to contents.
However, this setting is for the whole tenant but I would like to set different types of users to some Shield label that does not apply to all the Shield labels.3 votes -
Co-Admin permission - Manage Shield Lists
It would be good to be able to delegate the update of Sheild lists so that someone can amend who is in a list without providing access to other shield functions.
For example, a list of people email addresses that can change because external parties that we collaborate change but we want to be able to remove/add people.
3 votes -
classification labeling time lag when item added to a folder with classification
When adding items to a folder with defined classification, there is a time lag (appx. 5 min) to reflect the classification to added items. (we know its 20min for 40K items but still we want to remove the time lag)
During the lag, a user can temporarily operate the items outside the policy defined on its classification.
This seems a critical defect in terms of its security, so please consider to fix the situation.
Thanks,3 votes -
Enable option with Shield Access Policy to break hard coded waterfall permissions (e.g. Editor --> View)
Enable option with Shield Access Policy to break hard coded waterfall permissions (e.g. Editor --> View).
E.g. everybody who is not the owner of the content previously was an Editor, but after I overlay a "View Only" Access Policy and Classification Label to the content, then everyone who is not the Owner of the content is View Only.
3 votes -
I would like the ability to hide malicious content in BoxShield.
If malicious content is uploaded to Box, we would like the ability to hide the content as well as suppress downloads.
If possible, we would like the content to be hidden automatically.
*For example, if infected with ransomware, we would like to hide the infected file and the file with the threatening message.This is because we want to take action on the administrator's side so as not to worry users.
3 votes -
Box Shield: enable granular controls for Threat Detection anomalous download behavior alerts
Box Shield: enable granular controls for Threat Detection anomalous download behavior alerts.
E.g. alert me when any file larger than xx GB is downloaded.
E.g. alert me when xx% more content is downloaded than normal.
E.g. alert me when xxxx file quantities are downloaded from yyyy folder.
3 votes -
Notify user on corrupt file upload
We should be able to notify a user when the file he just uploaded is detected by shield as corrupted.
The notification could be sent by mail or by notification on the website, depending on the configuration given by the user.This feature is relly important on a legal base, because each user should have the ability to correct his own mistake.
3 votes -
I would like to be able to change from a classification with a strict policy to a classification with a loose policy. The reverse should be
For the purpose of strictly protecting confidential information, we want to make it impossible to change from strict to loose permissions, even for users who have the authority to change classification labels. However, with the current Shield function, it is not possible to set the priority of changeability.
One possible way to achieve this is to allow users to set rankings for classifications or policies, and to limit the direction of the rankings.3 votesNot on the roadmap for FY25, will evaluate for FY26
-
Make available list of countries available for a Shield List
The input fields are not the easiest way to find a value to add to a Shield List. Naming convention is different across systems, so it would be helpful to know the values that are available to be added.
3 votes -
View only ability as admin to view Detection rules, policies, and lists.
Isolate the EDIT SHIELD CONFIGURATION co-admin permission to 2 different permissions:
- View-only detection rules, access policies, lists
- View, Edit, and Create Detection rules, access policies, and lists.
3 votes -
Box Shield inherit classification on move/copy, not only on upload
Box Shield needs to have the ability for files to inherit the classification of the containing folder during a move or copy. Currently, a file will only inherit the classification if it is uploaded to the folder with a certain classification. Example:
File A has a classification of "Confidential" and is moved/copied to a folder that has an "Internal" classification. File A will not automatically inherit the "Internal" permission, and it either needs to be manually changed to "Internal", or have the entire containing folder re-classified as "Internal" so that all containing files then inherit the "Internal" classification.
However, if…
3 votes -
Threat Detection Reporting
My customer would like to get a report of the activities that detection rule is processing to ensure that is actually working. They have one rule (suspicious session) that has not generated any hits and thus they don’t know if it’s actually doing anything or not.
3 votes
- Don't see your idea?