We would like the ability to support Regular Expressions (REGEX) for creating auto-classifications rules in Shield. This would greatly enhance how much we can leverage the capability

Our security has deemed a single email as suspicious. We would like to block this single email from connecting to our Box, or being collaborated into our Box.

With Shield we can block the whole domain, but that approach is too broad and would limit too many valid email addresses.

Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.

Extending threat detection ALERTS to take action on a user's access would be very valuable. I've heard lots of customers request having a user's account deactivated if they access Box from a suspicious location. Right now, there is not a way to do this through the core Box application, it has to be done through custom scripting or with another tool.

As part of Governance it is possible to move certain file types to a Quarantine folder. This is useful for a lot of ransomwares, as they change the extension of files.

Currently this "old" functionality has not yet been moved to Shield. Shield does have a malware detection, which uses threat detection technology. We would like to have the ability to extend this with a list of known extensions.

We want to get the activity reports for specific classification(just like specifying the folder).

We need to audit user activities for confidential files every quarter. Current activity reports can only specify the user, date, folder and action, not classification.

Companies frequently hire contractors and provide them with company email addresses to access internal networks and applications. This creates an issue with contractors having visibility into an entire folders and not just the projects/folders that apply to them. Shield's whitelisting capabilities allow us to limit external email domains, but because contractors are given a company email domain the whitelisting capabilities do not apply.

We would like to be able to create a "Consultants" Managed User Group and whitelist access to break waterfall permission for internal Managed User Groups.

Need the ability to generate a Shield alert when someone copies or moves content from one EID repository to another EID; to include any movement of content via the api.box.com utilizing cURL or other CLI.

Shield auto-Classification on keywords or terms

In addition to the Shield Dashboard, an option to export all past threat detection alerts

When a malicious content policy has a download restriction, it would be helpful if there is a way to identify false positives in order to allow downloads when required.

Add the ability to cap external access. Example; restrict external users to Viewer/Uploader rights or below; or Viewer and below (e.g. Read Only).

We have had a # of Geodetection alerts from users with unexpected IP addresses accessing shared links. Currently, we are unable to block these users, so we can only remove files after the fact. Our security team is requesting an ability to prevent this access (potentially with an ability for admins to override and allow the access).

We would like to see the addition of the ability to grant permissions only to the owner for access policies as well.

We have learned that Box Shield will allow us to grant permission to change classifications only to the owner.
https://support.box.com/hc/en-us/articles/1500000108061

In addition to the classification change permissions, the customer would like to make the access policy "Restrict Downloading and Printing" also owner-only for managed users.
Therefore, We would like to see the addition of the ability to grant permissions only to the owner for access policies as well.

［日本語訳］
アクセスポリシーも所有者のみに権限付与する機能を追加してほしいです。

私たちはBox Shieldで、分類の変更権限を所有者のみ権限付与することができるようになることを知りました。
https://support.box.com/hc/en-us/articles/1500000108061

お客様は分類変更の権限に加え、アクセスポリシーの「ダウンロードと印刷の制限」も管理対象ユーザーも所有者のみにしたいと考えています。
そのため、アクセスポリシーにもアクセスポリシーも所有者のみに権限付与する機能を追加してほしいです。

When creating an access policy in Shield, there needs to be a security control that removes a collaborator after a specific period of time or on a specific date. It would work very similar to the "Invited Collaborators Expiration Settings" option that is available in the Admin Console under the Content and Sharing tab, but would be tied to a classification setting.

The 'Delete' and the 'Edit' button are right next to each other on the Shield Access Policy page. When clicking 'Delete' the policy automatically deletes. It is easy to accidentally click instead of 'Edit'. Can we get a second window that asks if that is the action the Admin/ Co-Admin wants to take on the policy?

Add columns to the Collaboration and Shared Link reports to display file/folder classification

Provide the option to set who may modify classifications BY classification, rather than globally. Example: a Confidential classification might only allow owners to modify, whereas other classifications might allow changes by owners and co-owners.