Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
197 results found
-
Smart Access: Allow move/copy even with download restriction
Download restriction restricts external users (editor permission) from moving content within folders they have access to. There should be an option to restrict download but also allow for moving and copying within folders that have the classification policy because to an end user, this is not a download function.
1 vote -
4 votes
-
Ability to exclude domains from autoclassification trigger
As a user, I want to be able to exclude my company domains from the Shield email address autoclassification trigger, so that policies are not being applied to internal emails, just external PII
5 votesNot a priority. Will revisit in 6 months
-
Uploading restrictions for folders to which Box Shield's "External Collaborator Restrictions" are applied
We would like to be able to restrict users from uploading files and folders to folders to which BoxShield's "External Collaborator Restrictions" have been applied by dragging and dropping them into the browser.
By granting users the authority to edit and prohibiting uploads, it will be possible to more clearly distinguish between file management and access authority management, and allow editing while maintaining a level of security.(In Japanese)
BoxShieldの「外部コラボレータ制限」を適用しているフォルダに、ブラウザへのドラッグ&ドロップでファイル・フォルダをアップロードすることを制限できるようにしてほしいです。
ユーザーに編集する権限を付与し、アップロードを禁止する事でファイル管理及びアクセス権限の管理をより明確に区別し、セキュリティレベルを保ちつつ編集を可能とする事が可能になると考えられます。2 votes -
Show Auto-Classification Criteria Matches on Classification Label On File
Auto-classification matches are currently stored within metadata on a file. If auto-classification classifies a piece of content, we'd like for the classification label indicator on a file (or hovering over the label) to show what criteria was met which requires a specific label. The purpose of this is to have a visual indicator to reinforce the sensitivity of content within a file.
5 votes -
Allow custom Shield classification order
As a user, when I apply a classification, I want to see them in order of sensitivity, as opposed to alphabetical
4 votesNot a priority. Will revisit in 6 months.
-
I would like to be able to change from a classification with a strict policy to a classification with a loose policy. The reverse should be
For the purpose of strictly protecting confidential information, we want to make it impossible to change from strict to loose permissions, even for users who have the authority to change classification labels. However, with the current Shield function, it is not possible to set the priority of changeability.
One possible way to achieve this is to allow users to set rankings for classifications or policies, and to limit the direction of the rankings.3 votesNot on the roadmap for FY25, will evaluate for FY26
-
Block single user
Our security has deemed a single email as suspicious. We would like to block this single email from connecting to our Box, or being collaborated into our Box.
With Shield we can block the whole domain, but that approach is too broad and would limit too many valid email addresses.
7 votesNot a priority. Will revisit in 6 months.
-
Shield access policy customization - inclusion/exclusion list for downloading files
Interested in an inclusion/exclusion list FOR downloading files, as part of a Shield access policy.
Ex: If Owners/Co-Owners/Editors are OK to download they want control the file types they can download. I know you can control this by just creating a separate classification and policy but that could cause too many of them. Better to create an filetype inclusion list
0 votes -
We are unable to respond when Geodetection alerts are triggered. Would greatly appreciate ability to prevent access.
We have had a # of Geodetection alerts from users with unexpected IP addresses accessing shared links. Currently, we are unable to block these users, so we can only remove files after the fact. Our security team is requesting an ability to prevent this access (potentially with an ability for admins to override and allow the access).
5 votesTo be delivered October/November 2023.
-
Remove Collaborator Access Policy Security Control in Shield
When creating an access policy in Shield, there needs to be a security control that removes a collaborator after a specific period of time or on a specific date. It would work very similar to the "Invited Collaborators Expiration Settings" option that is available in the Admin Console under the Content and Sharing tab, but would be tied to a classification setting.
4 votes -
BOX SHIELD - Block all applications from downloading content
The following feature is redundant:
Block all applications from downloading content - No integrated applications (except Microsoft Office for the web, Google Workspace, Apple iWork, and Adobe Acrobat Online) or published custom applications will be able to download content protected by the access policy.
I thought the purpose of Box Shield was to protect organizations from data breaches????
We have configured everything within our box account to prevent certain data from being download or printed. However, Box gives our users the option to open these confidential files in Adobe Acrobat which then allows them to download, print, and anything else…
2 votes -
Whitelisting Access Using Managed User Groups
Companies frequently hire contractors and provide them with company email addresses to access internal networks and applications. This creates an issue with contractors having visibility into an entire folders and not just the projects/folders that apply to them. Shield's whitelisting capabilities allow us to limit external email domains, but because contractors are given a company email domain the whitelisting capabilities do not apply.
We would like to be able to create a "Consultants" Managed User Group and whitelist access to break waterfall permission for internal Managed User Groups.
7 votes -
Restrict Collaboration for Individual External User
Customer would like to have the ability to block individual external users from collaborating on their enterprise content. The external domain allow list is too broad if only one or two external users need to be blocked from collaborating on content.
11 votesNot on the roadmap for FY25, will evaluate for FY26
-
Add classification columns to Collaboration and Shared Link Reports
Add columns to the Collaboration and Shared Link reports to display file/folder classification
5 votes -
Shield enhancement against EID-to-EID content move / copy
Need the ability to generate a Shield alert when someone copies or moves content from one EID repository to another EID; to include any movement of content via the api.box.com utilizing cURL or other CLI.
8 votesThis type of detection is something we want to investigate further. We are in the midst of getting additional feedback on this topic as the team works on other Threat Detection enhancements.
-
Shield Alert - mark as resolved
On the dashboard for Shield, you see a list of alerts generated through threat detection policies. We'd like to see the functionality where end users could mark an alert as seen and/or resolved so everyone who monitors the Shield alerts would know whether it's been resolved or open. This is similar to a ticketing system, but a simple notes body on the alert where someone could put an explanation of their response to the alert would greatly enhance visibility and drive better usability. Thanks!
31 votesWe are investigating the best options to implement this into our Threat Detection alerts and dashboard.
-
Priority of classification policies in combination with shield detection rules
Hi,
I can currently prioritize classification policies. Unfortunately, the classifications used in this way categorically overwrite those created with box shield's access policies.
For example: I have a classification only with shield access policies.. high confidential. This includes external collaboration restriction, download and print restriction.
It will be set manually on the desired folders. All files in this folder are now protected
Now i also have a classification with classification policies like credit card number or IBAN code. This should inform user automatically that there's a file with (maybe) protectable content.
This overwrites the classification which is manually set on…1 vote -
Shield Classification based on keywords or text terms
Shield auto-Classification on keywords or terms
1 vote -
Can we get another pop-up screen when Deleting a Shield Access policy to make sure that is the action the admin wants to take?
The 'Delete' and the 'Edit' button are right next to each other on the Shield Access Policy page. When clicking 'Delete' the policy automatically deletes. It is easy to accidentally click instead of 'Edit'. Can we get a second window that asks if that is the action the Admin/ Co-Admin wants to take on the policy?
2 votes
- Don't see your idea?