Force the Box iOS / Box Android / Box EMM applications to re-authenticate more often than every 60 days.
Ideally, we would like for the timeframe to be user definable.
This is an important security requirement for us as we move into supporting non-GFE devices, so please do let us know if you need additional information.
The mobile app is built on top of our APIs and therefore adheres to the standard token durations. Applications that are managed through an EMM provider already provide an advanced level of security that reduces overall risk.
As a workaround, through your EMM provider, you could revoke the Box application and force users to reinstall on whatever basis you deem appropriate.
Some providers may also allow you to revoke the managed app config which will force Box for EMM to log the user out.
At some point, however, you would have to push the managed app config back down to the device.