Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
173 results found
-
Shield Malware Threat Detection False Positives on Excel Documents with Macros
Multiplan (160k ARR) turned on Malware Deep Scan and was getting 3-5 false positives per day because users across multiple departments often work on Excel Documents with Macros. Due to their process, users need to upload new versions of these Excel documents daily (they cannot use Version Control to handle this). So the IT team is being pinged every time a new version is added. This has been so overwhelming that the IT team has turned off Malware Detection. They will enable again if Macros are not accidentally flagged as potentially malicious.
32 votesThe team is evaluating the current model supporting Deep Scan to understand ways to improve detection on Microsoft file types.
-
Require approval when sharing content with a business justification
Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.
32 votesNot on the roadmap for FY25, will evaluate for FY26
-
Support for Regular Expression (REGEX) for Auto-Classification in Shield
We would like the ability to support Regular Expressions (REGEX) for creating auto-classifications rules in Shield. This would greatly enhance how much we can leverage the capability
32 votes -
Increase the maximum number of Shield Classifications beyond 25 so that we can classify each clients content to prevent mis-sharing
I would like to see the ability to add Shield Classifications per client - with the appropriate access policy (restricting to client email domain) we could avoid any possibility to overshare when inviting the wrong clients into a folder or sharing a shared link - There is a maximum number of classifications of 25 so could this be extended to facilitate this use case/control.
25 votesWe will have a different solution to address the use case.
-
Shield Alert - mark as resolved
On the dashboard for Shield, you see a list of alerts generated through threat detection policies. We'd like to see the functionality where end users could mark an alert as seen and/or resolved so everyone who monitors the Shield alerts would know whether it's been resolved or open. This is similar to a ticketing system, but a simple notes body on the alert where someone could put an explanation of their response to the alert would greatly enhance visibility and drive better usability. Thanks!
24 votes -
Shield Shared Links: Password Requirement
Passwords for public links are wonderful, however, the capability to enforce all links (even those with internal or collaborator scope) would be beneficial for users and content security. If this password requirement could be tied to classifications as an access policy, that would make it increasingly difficult for negligent or malicious actions on Box content. Currently, we can only decrease the scope available for shared links, but by requiring a password, there will be additional adoption for Box and Shield, especially within highly regulated industries that require external or public distribution of content.
23 votes -
Export Control (ITAR/EAR) support by Box Shield (Increase the maximum number of Shield Classifications & Applying a classification label to
In the case of having global offices/teams, contents related to Export control are dispersed globally. However, the contents need to be in compliance for Export control.
The following two enhancements work well for supporting ITAR/EAR with dispersed contents in one Box entity:
1. Increase the maximum number of Shield Classifications - There is a limitation Classification (it's 25) now. To create combination label via country-base for ITAR/EAR, it requires a larger number of classifications.
2. Applying a classification label to a specific group - this ability is required to support large number of Classification (above enhancement).22 votes -
block an upload by external user using Box Drive with smart access
The current Shield feature only controls downloading, cannot blocks uploading/syncing and is not ransom-proof. The biggest problem is that when external users use BoxDrive and BoxSync, ransomware-infected files are uploaded/synchronized on Box.
19 votes -
Allow Box Relay functionality when access policies are applied in Box shield
There is an issue where Box Relay functionality is restricted when applying access policies in Box shield.
This is not the behavior that Box users expect and is very inconvenient, so please improve it.[Cases in which restrictions occur]
・Access Policy > Security Controls > Downloading and Printing Restrictions > Insert settings for internal use.
※[For Box web apps]・[For Mobile]・[For Box desktops] Enter one of these settings.
・Errors occur when Box Relay is run from an environment that differs from the access policy behavior.。Example)
・Set only mobile access policy for internal use.
・Triggering the Box Relay:upload、Result:Set up a…19 votes -
Box Shield Delete Restriction Security Control
Adding an additional Shield security control to restrict the ability of Editors to send content to Trash would be a great way to fill the gap between Viewer Uploader and Editor permissions. One of the primary use cases for Viewer Uploader is the ability to collaborate on content without being able to delete that content but in its current state, Viewer Uploaders are also restricted from other important collaborative features like inviting collaborators.
18 votes -
Shield alert to show more than 90 days
Currently the Shield dashboard only show up to 90 days of alerts.
I would like to have the option to have all of the past alert and be able to filter it by custom date filter.17 votes -
Shield Dashboard to search files
I would like to have a feature in Shield Dashboard to search files to malware deep scan result. This is because the admin receive feedback about a specific file from end users and so the admin would like to check that file easily from the dashboard.
16 votes -
Box Shield - reporting option within UI to export past Threat Detection Alerts
In addition to the Shield Dashboard, an option to export all past threat detection alerts
16 votes -
Allow Shield List of Countries Usable for Access Policies
There may be certain countries a Box customer may be prohibited from sharing with under any circumstance. I suggest making it possible to whitelist or blacklist entire countries by allowing Shield Lists of countries to be included in Access Policies.
14 votesNot a priority. Will revisit in 6 months.
-
Make Shield Lists Accessible via API
Shield lists are not currently editable using an API endpoint. In order to make it possible to automate adding and removing entries to lists, I suggest making it possible to create/view/edit/delete shield lists using the Box API.
13 votesNot a priority. Will revisit in 6 months.
-
Set default classification for all uploads with Box Classification
When every file is uploaded, set a default Classification value that can be updated manually or via a partner (Netskope, SkyHigh, Titus, etc.).
13 votesDefault classification label is not planned because it could be misleading to end users. However, to address the concern of content being leaked before it is classified, you can create an access policy applying to “All content without a classification label” in Box Shield.
-
Allow bulk action on Shield malicious content alerts
Allow bulk action on BoxShield malicious content alerts. We have seen an extremely high rate of positives. Individually marking files as safe is not scalable, and need to be able to do bulk updates.
12 votes -
group admin to receive Shield alert and see shield dashboard
I would like to have group admin to be able to receive the Shield alert and also be able to see the Shield dashboard.
This is because currently the security team is not a co-admin but just a group admin and they would like to see alert from Shield12 votes -
Restrict Collaboration for Individual External User
Customer would like to have the ability to block individual external users from collaborating on their enterprise content. The external domain allow list is too broad if only one or two external users need to be blocked from collaborating on content.
11 votesNot on the roadmap for FY25, will evaluate for FY26
-
Anomalous Download Alerts for external users
For the Anomalous Download Alerts, I would like it to apply to external users too so that if they are invited to our tenant's folder and they start downloading a lot I get an alert.
10 votes
- Don't see your idea?