Preventing Business file leak from Private folder.
Box in our tenant provides a "Private folder", to every user, which doesn't allow the user to add collaborators. User can, however, use box link to share files with others.
In a corporate setting, this folder is supposed to be accessible only by its respective owner( an employee), On an exit of the employee from the organisation, the private files in the folder may be allowed by the organisation to be copied/taken by the employee along. However, at the same time, it must be ensured that the business files are not stored in this folder to avoid leakage.
I suggest there must be a provision to create a security policy allowing only files of specific classification, either classified as"Personal" or carries the same as an attribute in the file metadata, copies in the folder. User should not be allowed to create a new file in the folder as that can bypass security by copying and pasting business content into a new file.