Please find our use case below for your better understanding and let us know how Box can support our requirements.

We are working with multiple clients, and our primary focus is data handling, especially PII data. Currently, we have a centralized storage system (File Server) to store client data files and folders, which are accessible by both internal users and clients, based on the access permissions we provide.

We are now planning to create Box accounts for each client, store the data there, and grant access to files/folders for our internal users as external collaborators. In this setup, the Box console should only be accessible through whitelisted IP addresses for our internal users (external collaborators). Internal users should only be able to access client files/folders from their Box account when connected to our domain network.

After conducting a POC, we found that we cannot implement IP address whitelisting for external collaborators, nor can we control external collaborators' Box interfaces from the client Admin console. Many of the security policies are unavailable for external users.

Essentially, clients will share files with us, and our internal users will simply view, edit, and share the files without being able to download them. There is no need to integrate with any third-party applications.

Please review the above and let us know if this requirement is feasible with Box. Alternatively, if there are other options within Box that could support our needs, we would appreciate your guidance.