Hubs permission model should be more granular
Currently in the Box Hubs Beta, all collaborators invited into a Hub receive the "Viewer" permission on files and folders linked in the Hub. This does not allow for Hub content to be view-only and block downloading of content. Alternative methods of managing this such as rolling out classification policies would not be scalable as Hubs usage grows. It would be great if Hubs collaboration could be more granular and there was an ability to invite users or groups into a Hub with other permissions such as "Previewer" so they are more restricted on what they can do after accessing content.
Adminjimd
(Admin, Box)
shared this idea
Hello! Changing status on this feature as we have it in our roadmap but we plan to make it in 2-3 quarters. We will keep you updated.
-
Anonymous
commented
A more granular Hub permissions model
Currently, in the Box Hubs beta, all collaborators invited to a Hub are granted "Viewer" permissions to linked files and folders within the Hub.
This doesn't allow you to make Hub content view-only or block downloads.
Alternative management methods, such as deploying classification policies, don't scale as Hubs adoption grows.
Hubs collaboration can be made more granular, with the ability to invite users or groups with other permissions, such as "preview permissions," to join the Hub, making it easier to restrict what they can do once they have access to content.
Hubの権限モデルをより細分化
現在、Box Hubsベータ版では、Hubに招待されたすべてのコラボレーターに、Hub内でリンクされたファイルとフォルダに対する「閲覧者」権限が付与されます。
これでは、Hubのコンテンツを閲覧専用にしたり、ダウンロードをブロックしたりすることはできません。
分類ポリシーの展開といった代替管理方法は、Hubsの利用拡大に合わせて拡張できません。
Hubsのコラボレーションをより細分化し、「プレビュー権限」などの他の権限を持つユーザーまたはグループをHubに招待する機能があれば、
コンテンツへのアクセス後に行える操作をより制限しやすくなります。(Edited by admin) -
AdminAnonymous
(Admin, Box)
commented
Hello. This request is still on our roadmap but we had to postpone this feature development. We will keep you posted!
-
Bruce Taylor
commented
A more granular permission model for hubs enhances security and functionality. Consider implementing role-based access control (RBAC) for simplified management, or attribute-based access control (ABAC) for rules based on user and resource attributes. Contextual permissions can adjust access based on factors like time or location. Fine-grained control allows permissions at the individual resource level, while custom permission sets enable tailored access. Include audit logs for monitoring changes and access attempts. Temporary access options can facilitate short-term collaborations. Regular reviews and easy revocation processes ensure permissions remain appropriate. This model fosters adaptability and secure collaboration.
-
Use Case: Private Equity Firm plans to use Hubs to share best practices content with their Portfolio Companies. However, they do not want the portfolio companies to be able to download this content because it's very sensitive.
