We would like the ability to support Regular Expressions (REGEX) for creating auto-classifications rules in Shield. This would greatly enhance how much we can leverage the capability

Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.

There may be certain countries a Box customer may be prohibited from sharing with under any circumstance. I suggest making it possible to whitelist or blacklist entire countries by allowing Shield Lists of countries to be included in Access Policies.

Allow for user level exclusion for suspicious location alerts. This is helpful in the event that users are traveling across locations and various IP addresses.

As part of Governance it is possible to move certain file types to a Quarantine folder. This is useful for a lot of ransomwares, as they change the extension of files.

Currently this "old" functionality has not yet been moved to Shield. Shield does have a malware detection, which uses threat detection technology. We would like to have the ability to extend this with a list of known extensions.

As a user, I want to be able to exclude my company domains from the Shield email address autoclassification trigger, so that policies are not being applied to internal emails, just external PII

As a user, when I apply a classification, I want to see them in order of sensitivity, as opposed to alphabetical

Our security has deemed a single email as suspicious. We would like to block this single email from connecting to our Box, or being collaborated into our Box.

With Shield we can block the whole domain, but that approach is too broad and would limit too many valid email addresses.

In addition to the Shield Dashboard, an option to export all past threat detection alerts

Extending threat detection ALERTS to take action on a user's access would be very valuable. I've heard lots of customers request having a user's account deactivated if they access Box from a suspicious location. Right now, there is not a way to do this through the core Box application, it has to be done through custom scripting or with another tool.

I would like the access policy to have preview only functionality.
If only some files in a folder with editor privileges can be set to preview, there is no need to create a separate folder.

Excel files cannot be co-edited in MS Excel Online if the access policy restricts downloading and printing.
One of the purposes of using Excel Online is co-editing.
I would like to be able to co-edit in a situation where downloads are restricted.

Auto-classification matches are currently stored within metadata on a file. If auto-classification classifies a piece of content, we'd like for the classification label indicator on a file (or hovering over the label) to show what criteria was met which requires a specific label. The purpose of this is to have a visual indicator to reinforce the sensitivity of content within a file.

We would like to list the contents based on the classification, to find classified contents stored in unexpected folder.
Some of sensitive contents need to be strictly controlled and stored in the proper folder.

Shield lists are not currently editable using an API endpoint. In order to make it possible to automate adding and removing entries to lists, I suggest making it possible to create/view/edit/delete shield lists using the Box API.

For the purpose of strictly protecting confidential information, we want to make it impossible to change from strict to loose permissions, even for users who have the authority to change classification labels. However, with the current Shield function, it is not possible to set the priority of changeability.
One possible way to achieve this is to allow users to set rankings for classifications or policies, and to limit the direction of the rankings.