Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
164 results found
-
Open Shared Link Controls: Default Password Requirements for Open Shared Links
REQUEST: Admin would like the ability to set a global control whereby all public/open ('people with the link') links must have a password.
Our current controls on shared links impact all 3 Shared Link permissions causing additional impact on the user experience.
168 votesInstead of “require password” security control, we intend to support “Require OTP” requirement for public links (via SMS, Email, or TOTP). I wanted to share where we are headed. We do not plan on delivering this ask as is, but we do intend to solve the security use case behind it.
Please comment if you disagree.
-
Collaborator Expiration - Include Co-Owner(s) in the Email Notification
Current Behavior:
--Email Notification - Sent to 'affected users' (defined as Folder Owner and the original Inviter, aka the person who invited in the collaborator who is about to expire)
--Ability to Extend Expiration Date - Folder Owner & Co-OwnersREQUEST: Add Co-Owner(s) to the email notification distribution so that they can take the burden off the folder owner (since co-owners already have the ability to extend the expiration date).
92 votesNot currently planned at this time.
-
Send a "here's how your items are shared" report to each user periodically
One of the most common sources of security breaches is due to a user inadvertently sharing an item more broadly or for longer than they intended.
A simple way to help limit those sorts of security breaches would be for Box to email every user a report periodically (configurable by the admin, but roughly monthly) that said "Here's how everything you own is shared with other people, and here's a link to the KB article that'll tell you how to fix it if it's not what you want", then showed a report of their folders, files, and shared links, with…
81 votes -
Shared Link Password Policy
Much like the default link expiry policy we would also like one specific to forcing passwords for shared links and preferably being able to define that policy with minimum characters and complexity.
Bonus would be passwords that are auto-generated and viewable by the creator of the shared links to minimize the need for external tools.
73 votes -
SSO exception
Ability to have exceptions for SSO for specific amdin accounts/test users. Use case: there's a series of admin accounts we use that own folders/content in Box but aren't actual users. Now when we want to turn on SSO - we now have to have OKTA accounts for those accounts and test users, when we'd prefer to just do Box 2FA for those vs. SSO enabled for all
49 votesUnfortunately this is not on the near-term roadmap, that being said this is a very interesting request which we may consider in the mid-long term.
-
Allow the use of Linux devices as approved devices.
We had Linux based user using Box web console and as of the July update, they are no longer able to access Box. I would like to see Linx OS be added to the approved Operating Systems list in the Admin Console for enterprise settings.
49 votes -
49 votes
-
'Email Shared Link' - Add Reporting for the Recipient (Who the shared links were sent to)
When sending shared link emails (via the Shared Link modal -> Email Shared Link option) we do not report on who we sent the email to.
REQUEST: In the UI and Excel exports, add information on who the shared link email was sent to.
30 votesNot currently planned at this time.
-
Natively generate QR Code for shared links
The ability to convert Box's shared link to QR code natively, instead of using unsecured free QR generating services
29 votes -
Set "SSO Required"/"SSO Enabled" for each user
The current "SSO Required" is for all managed users.
When creating "administrator user and general user" as a managed user, there are the following problems.
-It is necessary to create an administrator user ID on the IdP side.
-When accessing as an administrative user, it takes time and effort to log in from the IdP and access Box.
-A license fee will also be charged on the IdP side.If we can set "SSO required" and "SSO enabled" for each user, the problem will be solved.
28 votes -
Secure open link - Require email address verification with one-time password
【Summary】
Please add "Require email address confirmation by one-time password" to the Open Link settings.
This will allow the access statistics to show the email addresses of users who have accessed from the open link, so that you can determine if the access is suspicious or not.【Problem to be solved】
The current open link is not secure enough.
This is because it is not possible to determine who accessed the file.
With the current use, if a user who is not logged in to Box accesses from an open link, the access history only shows the IP address and…24 votes -
Add granularity to shared link controls
Based on organizational requirements and the variance, there should be additional controls such as limiting the capability to create shared links (open Links) to Admins or designated personnel as an option. This would allow for greater granularity as some divisions within an organization may have a need to share publicly, while also securing sensitive information
23 votesFor now, we are focussed on solving bulk management issues with Shared Links.
Box Shield is an additional option for enforcing granular controls on content.
-
22 votes
Not currently planned at this time.
-
Expose folder settings via API like "Restrict Collaboration" and "Hide Collaborators"
As far as I know new APIs are managed by platform team.
22 votesNot currently planned at this time.
-
Enforce parent folder collaboration restrictions on moved folders
Make sure that folder settings apply to all the subfolders. Currently, even if you restrict collaboration to within your company through folder settings, a folder that is already collaborated to external users can be moved into that folder. Right now, we don’t have the mechanism to check if a folder that is about to be moved is collaborated to external user.
21 votes -
Open Shared Link Controls: Prevent Open Shared Folder Links without Disabling Company Folder Shared Links
Right now you can't disable Open folder links without disabling Company folder links. The native Box setting for this is too restrictive (prevents sharing folders internally other than via collaboration).
18 votesWe are currently focussed on bulk operations with managing Shared links.
-
Email Notifications for Expiring External Collaborators
In addition to the owner of the folder receiving a notification that a collaboration is expiring, the user who initiated (invited) the collaborator, and the collaborator themselves receive notifications.
15 votesWhile we like this idea, it is not currently planned at this time.
-
Collaboration Blacklisting
We would benefit from the ability to make a blacklist of collaborations (perhaps via domain) to prevent against the inbound or outbound collaboration with a certain (or set) of domains.
The current collaboration whitelist capabilities do not permit for blacklisting -- they only allow for whitelisting.
For example: "Can we block all inbound and outbound requests to/from a certain domain (e.g., gmail.com)?"
15 votesNot currently planned at this time.
-
Create exceptions for auto-expiration of sharing and external collaborators
We have auto-expiration on file sharing but often need to share files with external collaborators for an indefinite amount of time. We can't keep re-sharing the file. Same for external collaborators - we have auto-expiration but we can't keep re-sharing folders with them.
12 votes -
Allow owners and co-owners of folders to be notified of auto-expiration events
Instead of only the owner and collaborator inviter being notified, include all folder co-owners in the email notification.
12 votes
- Don't see your idea?