Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
210 results found
-
Auto classification of files/folders based on metadata and comments
It would be helpful if Box's auto classification feature were able to trigger file classification (and thus, security controls) if metadata on a file/folder is sensitive in nature or if a file has comments/tasks/annotations that contain sensitive information.
2 votes -
Ability to send Shield alerts to a Pager Duty email address for email integration.
It looks like I'm only able to notify users who are Shield co-admins whenever an alert is created. I would like to send alerts to a Pager Duty email address for email integration.
I would like to avoid creating a separate user for the purposes forwarding emails to pager duty. I would also like to avoid creating a forwarding rule on my own inbox.
Is it possible to send Shield alert notifications directly to non-user email addresses? If not, is this something the Box team is working on or can consider implementing?
8 votes -
Make available list of countries available for a Shield List
The input fields are not the easiest way to find a value to add to a Shield List. Naming convention is different across systems, so it would be helpful to know the values that are available to be added.
3 votes -
Add a Birthdate / Birth date infotype to Automated Classification
Birthday is not an an InfoType in automated classification. Please add this field.
2 votes -
Increase the maximum number of Shield Classifications beyond 25 so that we can classify each clients content to prevent mis-sharing
I would like to see the ability to add Shield Classifications per client - with the appropriate access policy (restricting to client email domain) we could avoid any possibility to overshare when inviting the wrong clients into a folder or sharing a shared link - There is a maximum number of classifications of 25 so could this be extended to facilitate this use case/control.
25 votesWe will have a different solution to address the use case.
-
View only ability as admin to view Detection rules, policies, and lists.
Isolate the EDIT SHIELD CONFIGURATION co-admin permission to 2 different permissions:
- View-only detection rules, access policies, lists
- View, Edit, and Create Detection rules, access policies, and lists.
3 votes -
File Security Classification, non-compliance label
When viewing a folder, it is currently not possible to know if there are files within the folder structure that have a differing classification label from the one at the root level. This "non-compliance" could potentially be problematic, or even a signal that someone has inadvertently changed a classification. It would be nice to have some kind of visual indicator that the top-level classification label is not 100% cascaded throughout the folder/file structure below it in the waterfall.
2 votes -
Add ability to allowlist unpublished apps in a Shield list or Access Policy
Currently, the only apps that can be exempt from an Access Policy are published apps or custom JWT apps that have been approved in the Admin Console. There is a gap for unpublished OAuth apps that may need to be allowlisted from a policy.
2 votes -
Auto Classification Based Off Uploader
Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential
1 vote -
Limit the rights of users who can change classification labels.
■Background
We are currently using Box Shield to control the public scope of shared links.
Currently, co-owners would still be able to use the classification labels even if they are set to "Owners/co owners" in the below settings.We want to make sure that only the owner can set classification labels.
■Details
Classification labels can be configured with "Admin console>Classification".
When the Box administrator clicks on Settings, the following settings are available:
Classification settings
Only allow selected permission types to modify classifications on content.
See collaboration permission chart.
Link:https://support.box.com/hc/en-us/articles/360044196413・Owners/co owners
・Owners/co owners and editors
・Owners/co owners, editors, and…1 vote -
PCI Compliance
As a user in an industry which must be PCI compliant,
I want content flagged by Shield as containing PCI content to not be included in the full-text search index,
So that our Box environment can be PCI compliant without having to disable full text search for the entire environment.1 vote -
Tale over the settings in shield trial mode
Currently, the trial mode classification and settings will disappear at the end of the trial period.
If we have a Shield contract, we would like to take over its classification and settings.By eliminating the need to set them up again in the production environment, we can make a smooth transition.
4 votesNot planned for FY23. Will reconsider for FY24.
-
Box Shield inherit classification on move/copy, not only on upload
Box Shield needs to have the ability for files to inherit the classification of the containing folder during a move or copy. Currently, a file will only inherit the classification if it is uploaded to the folder with a certain classification. Example:
File A has a classification of "Confidential" and is moved/copied to a folder that has an "Internal" classification. File A will not automatically inherit the "Internal" permission, and it either needs to be manually changed to "Internal", or have the entire containing folder re-classified as "Internal" so that all containing files then inherit the "Internal" classification.
However, if…
3 votes -
Shield reports suspicious IP location when opening files through O365. Adds lots of unnecesary noise
In Shield, when a user previews/opens a file to Office Online it tracks as a suspicious IP location. It would be great if it could be separated and designated a lower priority than a genuine account compromise. Just a suggestion to clean up the Shield alert queue
7 votes -
Device Pinning as a condition for "Download Restriction"
Wondering if "device pinning" can register details of devices utilized by the user and allows/disallow the login from it. Why cant it be used as a condition under "Download Restriction". MDM solutions are not yet fully matured to cover all & frequently changing devices types .
1 voteDynamic Device Trust as a condition for Download restriction is on the roadmap.
-
Threat Detection Reporting
My customer would like to get a report of the activities that detection rule is processing to ensure that is actually working. They have one rule (suspicious session) that has not generated any hits and thus they don’t know if it’s actually doing anything or not.
3 votes -
Return character in Classification Definition
Currently "Classification Definition" can be written with 'return character' in its input form. But when this "Classification Definition" is shown to the user, 'return character' is being ignored and is shown in one line.
Definition needs to be shown in the same way it was written / configured, and also needs to be shown in several lines when required (e.g. written in multiple languages where each language's definition needs to be shown in each line, instead of all in single line).
1 vote -
Classification definition
Currently when classifying a document it is only possible to see the top 2-3 lines and is not rich text therefore doesn't support returns, bold type, links, bulleted lists or colour.
While the full 300 characters are displayed in the details pane, Users need to see all the details prior to applying the classification.REQUEST: To make the dropdown either expandable (i.e. 'show more') or to show the full 300 character classification definition and to make the definition field 'Rich Text' so its possible to give more context to the classification e.g. provide a list of example documents or link…
4 votes -
Preventing Business file leak from Private folder.
Box in our tenant provides a "Private folder", to every user, which doesn't allow the user to add collaborators. User can, however, use box link to share files with others.
In a corporate setting, this folder is supposed to be accessible only by its respective owner( an employee), On an exit of the employee from the organisation, the private files in the folder may be allowed by the organisation to be copied/taken by the employee along. However, at the same time, it must be ensured that the business files are not stored in this folder to avoid leakage.
I suggest…
1 vote -
Localize the name of "Classification" metadata template to user's language
User cannot name of "Classification" metadata template which is automatically created when the user create Classification policy. At least it should localize to Box admin's language (ex "分類" in Japanese)
2 votes
- Don't see your idea?