We want to get the activity reports for specific classification(just like specifying the folder).

We need to audit user activities for confidential files every quarter. Current activity reports can only specify the user, date, folder and action, not classification.

Companies frequently hire contractors and provide them with company email addresses to access internal networks and applications. This creates an issue with contractors having visibility into an entire folders and not just the projects/folders that apply to them. Shield's whitelisting capabilities allow us to limit external email domains, but because contractors are given a company email domain the whitelisting capabilities do not apply.

We would like to be able to create a "Consultants" Managed User Group and whitelist access to break waterfall permission for internal Managed User Groups.

Need the ability to generate a Shield alert when someone copies or moves content from one EID repository to another EID; to include any movement of content via the api.box.com utilizing cURL or other CLI.

We would like to see the addition of the ability to grant permissions only to the owner for access policies as well.

We have learned that Box Shield will allow us to grant permission to change classifications only to the owner.
https://support.box.com/hc/en-us/articles/1500000108061

In addition to the classification change permissions, the customer would like to make the access policy "Restrict Downloading and Printing" also owner-only for managed users.
Therefore, We would like to see the addition of the ability to grant permissions only to the owner for access policies as well.

［日本語訳］
アクセスポリシーも所有者のみに権限付与する機能を追加してほしいです。

私たちはBox Shieldで、分類の変更権限を所有者のみ権限付与することができるようになることを知りました。
https://support.box.com/hc/en-us/articles/1500000108061

お客様は分類変更の権限に加え、アクセスポリシーの「ダウンロードと印刷の制限」も管理対象ユーザーも所有者のみにしたいと考えています。
そのため、アクセスポリシーにもアクセスポリシーも所有者のみに権限付与する機能を追加してほしいです。

When running automated classification, files containing passwords will not be checked for PII information. This means they are potentially at risk of getting shared externally. There should be options to classify them if they are password protected or it should have the option of alerting.

Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential

It would be great if there was a way to be able to enter notes on an incident. Also to flag an incident as complete and have it removed from the list.

Passwords for public links are wonderful, however, the capability to enforce all links (even those with internal or collaborator scope) would be beneficial for users and content security. If this password requirement could be tied to classifications as an access policy, that would make it increasingly difficult for negligent or malicious actions on Box content. Currently, we can only decrease the scope available for shared links, but by requiring a password, there will be additional adoption for Box and Shield, especially within highly regulated industries that require external or public distribution of content.

Add columns to the Collaboration and Shared Link reports to display file/folder classification

Birthday is not an an InfoType in automated classification. Please add this field.

We want "Smart Access: Download restriction" to control the download/printing capability of G-Suite apps. We want the integration just like office online which restrict download/print on office online apps.

For security perspective, we want to minimize the risk of data breach, so we are planning to store the confidential files on box and restrict the content to be downloaded to the devices. However currently if user opened the files on G-Suite, the files can be downloaded or printed.

Currently, the only apps that can be exempt from an Access Policy are published apps or custom JWT apps that have been approved in the Admin Console. There is a gap for unpublished OAuth apps that may need to be allowlisted from a policy.

Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential

It would be helpful if Box's auto classification feature were able to trigger file classification (and thus, security controls) if metadata on a file/folder is sensitive in nature or if a file has comments/tasks/annotations that contain sensitive information.

In Box Shield Smart Access, if moved from Folder A, which is assigned the [In-House] classification, to Folder B, which is assigned the [Public] classification, Folder A's classification will be inherited.

However, the classification of [In-house] in folder A is not inherited when the copy operation is performed, the [Public] classification assigned to folder B is assigned.
Since the classification is not inherited by the copy operation, this function can be useful to prevent information leakage by implementing this function.

The input fields are not the easiest way to find a value to add to a Shield List. Naming convention is different across systems, so it would be helpful to know the values that are available to be added.

I would like to see the ability to add Shield Classifications per client - with the appropriate access policy (restricting to client email domain) we could avoid any possibility to overshare when inviting the wrong clients into a folder or sharing a shared link - There is a maximum number of classifications of 25 so could this be extended to facilitate this use case/control.

Threat detection at the classification level. Specifically, we would like the ability to monitor suspicious location and/or suspicious download for a particular dataset rather than the entire content population of our account.