I would like Box Sign to have more flexible permission settings.
When Box Sign is enabled for a user, he/she can send sign requests, check the contents of requests shared with them, and view their inbox.
However, there are users for whom I do not want to allow sending sign requests, but I do want them to be able to check their inbox.
For example, our executives who frequently approve or sign documents in Box Sign but do not need to send signature requests by themselves.
I believe it is a potential security risk to give users the authority to send signature requests even though they do not need it.
Currently, Box Sign does not have a function to control external Sign sending. It would be great if we could have more granular control, such as allowing users to view the Sign inbox but not send requests.
After signing, users can download and review the signed document and signature log via the sign completion email.
But searching through the email inbox for them is inconvenient, so I would like to be able to complete everything within Box. So want to allow users to check the past signed document in Box via inbox of Box sign.
I understand that with Shield access policies it is possible to restrict Box Sign request sending both internally and externally. However, since Box Sign may also be used for internal approval processes, I think making it completely impossible to send is too much.
AdminM
(Admin, Box)
shared this idea
-
Anonymous
commented
「受信トレイは閲覧できるが、サインの署名依頼の送信はできない、という権限設定を可能にしてほしい」
・Box Signを有効化すると、ユーザーは署名依頼の送信・共有依頼の内容確認・受信トレイ閲覧が可能になるが、送信権限は不要で受信トレイのみ使わせたいユーザー(例:承認や署名が中心の経営層)がいる。
・不要な送信権限の付与はセキュリティリスクになり得るため、受信トレイ閲覧は許可しつつ、署名依頼の送信を禁止するなどのきめ細かな制御が必要。
現状、Box Signには外部宛て送信を制御する機能がなく、より細かな権限制御(送信不可・受信トレイのみ可等)の実装を希望。
・署名完了メールから文書や署名ログのダウンロードは可能だが、メール検索は不便なため、Box上(Signの受信トレイ)で過去の署名済み文書を閲覧できるようにしたい。
・Shieldのアクセス ポリシーで内外向けの送信制限は可能だが、社内の承認用途もあるため「送信を完全に不可」にするのは過剰。目的は外部送信の抑制や役割に応じた権限の細分化してほしい。English translation:
“We would like a permission setting that allows users to view the inbox but not send signature requests.”When Box Sign is enabled, users can send signature requests, review shared requests, and view the inbox. However, some users (e.g., executives who mainly approve or sign) only need to use the inbox and do not require sending privileges.
Granting unnecessary sending permissions could pose a security risk, so finer-grained controls are needed, such as allowing inbox viewing but prohibiting sending signature requests.
Currently, Box Sign does not have a feature to restrict sending to external recipients, so we would like more detailed permission controls (e.g., sending prohibited / inbox-only access).
While it is possible to download documents and signature logs from completion emails, searching through emails is inconvenient. Therefore, we would like the ability to view past signed documents directly on Box (in the Sign inbox).
With Shield access policies, it is possible to restrict sending to internal or external parties, but since internal approvals are also required, completely prohibiting sending would be excessive. The goal is to suppress external sending and allow for more granular permissions based on roles.
(Edited by admin)