Help shape the future of Box

Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!

See user guide here.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add ability to allowlist unpublished apps in a Shield list or Access Policy

    Currently, the only apps that can be exempt from an Access Policy are published apps or custom JWT apps that have been approved in the Admin Console. There is a gap for unpublished OAuth apps that may need to be allowlisted from a policy.

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  2. Make available list of countries available for a Shield List

    The input fields are not the easiest way to find a value to add to a Shield List. Naming convention is different across systems, so it would be helpful to know the values that are available to be added.

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  3. View only ability as admin to view Detection rules, policies, and lists.

    Isolate the EDIT SHIELD CONFIGURATION co-admin permission to 2 different permissions:


    1. View-only detection rules, access policies, lists

    2. View, Edit, and Create Detection rules, access policies, and lists.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  4. File Security Classification, non-compliance label

    When viewing a folder, it is currently not possible to know if there are files within the folder structure that have a differing classification label from the one at the root level. This "non-compliance" could potentially be problematic, or even a signal that someone has inadvertently changed a classification. It would be nice to have some kind of visual indicator that the top-level classification label is not 100% cascaded throughout the folder/file structure below it in the waterfall.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    not planned  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  5. "Smart Access: Download restriction" for G-Suite

    We want "Smart Access: Download restriction" to control the download/printing capability of G-Suite apps. We want the integration just like office online which restrict download/print on office online apps.

    For security perspective, we want to minimize the risk of data breach, so we are planning to store the confidential files on box and restrict the content to be downloaded to the devices. However currently if user opened the files on G-Suite, the files can be downloaded or printed.

    4 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    gathering feedback  ·  0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow configuration of permissions to apply and change each classification created

    To apply or change a classification, select "Owners/co-owners and editors" in the classification settings, and then click Users with editorial privileges or higher can apply and change the classifications.
    However, by implementing a feature that allows configuration of permissions to apply and change each classification created, the Security can be enhanced.

    3 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    gathering feedback  ·  0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  7. Inherit classifications when copying file from one folder to another

    In Box Shield Smart Access, if moved from Folder A, which is assigned the [In-House] classification, to Folder B, which is assigned the [Public] classification, Folder A's classification will be inherited.

    However, the classification of [In-house] in folder A is not inherited when the copy operation is performed, the [Public] classification assigned to folder B is assigned.
    Since the classification is not inherited by the copy operation, this function can be useful to prevent information leakage by implementing this function.

    3 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    existing feature  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  8. Tale over the settings in shield trial mode

    Currently, the trial mode classification and settings will disappear at the end of the trial period.
    If we have a Shield contract, we would like to take over its classification and settings.

    By eliminating the need to set them up again in the production environment, we can make a smooth transition.

    4 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    gathering feedback  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  9. filter the activity report with specific classification

    We want to get the activity reports for specific classification(just like specifying the folder).

    We need to audit user activities for confidential files every quarter. Current activity reports can only specify the user, date, folder and action, not classification.

    22 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  10. Email Address Lists Shield

    To support ethical walls, it would be advantageous to be able to create lists of email addresses for different teams within the same company so that collaboration and shared link access can be restricted. Example for private side, public side employees within an investment bank content could be classified for each with access controls in place to prevent sharing and collaboration.

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    gathering feedback  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automatic classification based on filename

    We would like to be able to automatically classify certain files based on filename. We have files of a certain type, that always have the same file extension, that are always high-value assets for us. To be able to automatically classify these and change permissions around external sharing for them would be a big win for us. Without it, we either have to educate our users to always classify these manually, or be content with the possibility of them being outside our security preferences. However, we should also be able to un-classify them, in the rare event that one of…

    4 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  12. Ability to send Shield alerts to a Pager Duty email address for email integration.

    It looks like I'm only able to notify users who are Shield co-admins whenever an alert is created. I would like to send alerts to a Pager Duty email address for email integration.

    I would like to avoid creating a separate user for the purposes forwarding emails to pager duty. I would also like to avoid creating a forwarding rule on my own inbox.

    Is it possible to send Shield alert notifications directly to non-user email addresses? If not, is this something the Box team is working on or can consider implementing?

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  13. Box Shield inherit classification on move/copy, not only on upload

    Box Shield needs to have the ability for files to inherit the classification of the containing folder during a move or copy. Currently, a file will only inherit the classification if it is uploaded to the folder with a certain classification. Example:

    File A has a classification of "Confidential" and is moved/copied to a folder that has an "Internal" classification. File A will not automatically inherit the "Internal" permission, and it either needs to be manually changed to "Internal", or have the entire containing folder re-classified as "Internal" so that all containing files then inherit the "Internal" classification.

    However, if…

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    not planned  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  14. Shield Alert - mark as resolved

    On the dashboard for Shield, you see a list of alerts generated through threat detection policies. We'd like to see the functionality where end users could mark an alert as seen and/or resolved so everyone who monitors the Shield alerts would know whether it's been resolved or open. This is similar to a ticketing system, but a simple notes body on the alert where someone could put an explanation of their response to the alert would greatly enhance visibility and drive better usability. Thanks!

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  15. The ability to search by Classification

    We would like to have the ability to search by classification.

    2 votes
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    gathering feedback  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  16. Log Access Policy Violations

    Box currently only logs successful actions. We would like to see when a user attempts to share content that is blocked by Shield Access policies. From a DLP and insider threat perspective this would be huge in determining what people are attempting to do, not just what they are successful at doing.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  17. Device Pinning as a condition for "Download Restriction"

    Wondering if "device pinning" can register details of devices utilized by the user and allows/disallow the login from it. Why cant it be used as a condition under "Download Restriction". MDM solutions are not yet fully matured to cover all & frequently changing devices types .

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  18. Device Pinning as a condition for "Download Restriction"

    Wondering if "device pinning" can register details of devices utilized by the user and allows/disallow the login from it. Why cant it be used as a condition under "Download Restriction". MDM solutions are not yet fully matured to cover all & frequently changing devices types .

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    under consideration  ·  1 comment  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  19. Preventing Business file leak from Private folder.

    Box in our tenant provides a "Private folder", to every user, which doesn't allow the user to add collaborators. User can, however, use box link to share files with others.

    In a corporate setting, this folder is supposed to be accessible only by its respective owner( an employee), On an exit of the employee from the organisation, the private files in the folder may be allowed by the organisation to be copied/taken by the employee along. However, at the same time, it must be ensured that the business files are not stored in this folder to avoid leakage.

    I suggest…

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
  20. Threat Detection Reporting

    My customer would like to get a report of the activities that detection rule is processing to ensure that is actually working. They have one rule (suspicious session) that has not generated any hits and thus they don’t know if it’s actually doing anything or not.

    1 vote
    Sign in Sign in with Box
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Shield  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base