Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
406 results found
-
Score A+ on securityheaders.com
box.com currently scores a B on securityheaders.com:
https://securityheaders.com/?q=box.com&followRedirects=onPlease implement the missing security headers to score A+.
1 vote -
OCSP stapling
Please add support for OCSP stapling. This will speed up connections to box.com and help protect the users' privacy by eliminating the need for them to contact certificate authorities to check the revocation status of box.com's certificate.
When box.com replaces its current certificate, please consider getting one that specifies OCSP Must-Staple.
1 vote -
Submit box.com for HSTS preloading
This will force users to connect to box.com over HTTPS if they attempt an insecure HTTP connection, even if it is their first time trying to visit box.com. box.com already uses HSTS, so HSTS preloading is the natural next step in improving security.
https://hstspreload.org/?domain=box.com1 vote -
Prevent internal users collaborating on external content
This would prevent the possibility that users might collaborate on content that they do not own and from uploading or sharing content into spaces not owned by their own organisation
3 votes -
Notify user of quarantined file actions
Notify user after a quarantined file has been released or deleted
4 votes -
Approve or deny mass download
We want the ability to approve or deny a mass download action when we received an alert.
3 votes -
Allow collaboration with secondary email addresses/alias
Our users have email addresses ending with <company name>.bw and the UPN is ending with <company name>.com.
Box treats <company name>.com and <company name>.bw as different IDs and Box only logs through SSO, so account is validated through UPN only which is <company name>.com.
When users login with <company name>.com they are able to login to box but they are unable to see the files which have been shared with <company name>.bw id.
When any file/folder is shared with <company name>.com id users do not receive any email because the primary SMTP has been setup with <company name>.bw.2 votes -
The ability to check the characters when setting/typing the password for shared link and account
When we're entering passwords of shared links and accounts, we want to check it by seeing the actual characters.
For example, this request has been achieved on the following page:
https://account.box.com/signup/n/personal
Is it possible for you to implement the same button in the account ligin page and the shared link setting window?
3 votes -
Password reset process is cumbersome
Even with the understanding that my specific situation might add a few steps, it is significantly longer and more involved than the analogous process for any other product, tool, or service that I use. I have described the steps that I have to go through and would encourage the Box Developers and UX Teams to consider a more seamless way to do this in some future release.
Reset Password – Box Drive
Key:
- = optional step, performed for positive validation that the new password was accepted
+ = step that is specific to my setup- At Windows/Domain login, notification…
3 votes -
Add configurable governance alerting
Add configurable alerting in an effort to preventing directory and permission sprawl or detecting anomalous access
At this point we may require additional products or custom development to address this problem.
An example of a real world problem is if Jane has two box accounts one managed by the firm and the second a personal account, there is nothing to prevent or alert us if Jane copies enmasse company property
2 votes -
Is it possible to add a password to a folder or file that callaborators need to enter inorder to access the folder/files in box?
Is it possible to add a password to a folder or file that callaborators need to enter inorder to access the folder/files in bo
2 votes -
Custom text in password entry screen on password protected links
Allow users to customize the text that displays when a user is prompted to enter a password when accessing a password protected shared link. The text currently says "The content you are attempting to access is password protected. To continue, enter the password below." It would be helpful to enter custom text like "By entering the password below you agree to the following terms of use: " so that we could ensure that users are reading and agreeing to a confidentiality agreement every time they access the file.
1 vote -
Search quarantined files
We need the ability to search the quarantine page, especially if there are hundreds of files
2 votes -
Mask or hide email addresses
There is a need to hide or mask email addresses for instance we have service accounts by business unit that 'own' all of the content and also high-level executives that cannot be spammed by external collaborators.
1 vote -
Add ability to share content with a distribution list
There is no ability to “share with anyone who has the link” like in Google Drive or similar tools, but should be configurable by an administrator for specific folders.
1 vote -
Create an auditor role
A Non-Admin role is required that is able to view reports and configuration but unable to make changes or have any access to the contents of users' folders... Basically the Auditor role.
• Inventory of Users and Roles
• Identify folders that has not been accessed in 180 days
• Identify folders that are accessible to anyone with the links
• Identify the links that do not have expiration date
• Review security settings
• Review alerts1 vote -
Collaboration Blacklisting
We would benefit from the ability to make a blacklist of collaborations (perhaps via domain) to prevent against the inbound or outbound collaboration with a certain (or set) of domains.
The current collaboration whitelist capabilities do not permit for blacklisting -- they only allow for whitelisting.
For example: "Can we block all inbound and outbound requests to/from a certain domain (e.g., gmail.com)?"
15 votesNot currently planned at this time.
-
Extend collaborations further than the default auto-expiration timeframe
When collaboration auto-expiration is in place on an enterprise level, folder owners can only extend the collaboration up to the default auto expiration timeframe. For example, if the enterprise has collaboration auto-expiration set at 90 days, the folder owner can currently only extend the collaboration for another 90 days. We would like for the folder owner to be able to extend the collaboration for a time period longer than the set collaboration auto-expiration.
6 votesWhile we like this idea, it is not currently planned at this time.
-
2 votes
While we like this idea, it is not currently planned at this time.
-
10 votes
- Don't see your idea?