Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
254 results found
-
Request to improve the behavior of files with "Download and Print Restrictions" set on Box Drive
In Shield > Access Policy, we are creating a classification label for the policy that has "Restrict downloading and printing" set as the security control.
Depending on when you set this label classification, Box Drive may not have the limitations you expect.
I would like to see an improvement so that files with "Download and Print Restrictions" set cannot be opened or copied in Box Drive from the moment the settings are set.The specific steps and events are as follows.
1. Open the file before setting the classification label in Box Drive.
2. Edit, save and close the file.…4 votes -
Shield Requests
Currently Box sheild has the capability to Scan only newly updated/created files or only if the existing file is modified. In simple terms the scan happens only for the newly created version of the files and not any existing files before Box shield is being implemented.
Feature request:
We need to have the option of Scanning all the files at rest & transit in Box irrespective of when it was created/ modified, etc so that it can detect any malware on already available files as well.
Currently Box only encrypts the file with a red banner on top if malware…
2 votes -
Improvement of anomalous download
At the present, Anomalous download can't detect the external user's behavior.
I think it is the risk of data leakage.
I want to detect anomalous download of external users who is invited my tenant.
thanks5 votes -
Allow for exceptions on the Download and Print Restriction security control.
Allow for exceptions on the Download and Print Restriction security control.
We want to restrict users from downloading files that have been identified as having PII. However, we would like a mechanism to allow users that have a business reason to download files. Either through a 'User Justification' similar to the 'External Collaborators Restriction' security policy or an approval workflow.
2 votes -
Ability to scope Malicious Content Rules by User/Group/Shield Lists
Currently malicious content rules apply to all users. To test moving from an audit/detection-only stance to enforcement, it would be useful to be able to create multiple rules that are scoped to specific users/groups/Shield Lists.
This will allow us to keep most users in an audit/detection-only rule, while we test enforcement with a pilot group in another rule.3 votes -
Update Shield Access Policy Restriction for Box Sign
For the Box Sign Request Restriction, add the option allow a signature request, but require additional security controls (e.g., signer authentication, password) for the signature request.
We need the ability to send sensitive content for signature but don't want it sent using a public link.
1 vote -
2 votes
-
Enhanced Auto Classification and File Criteria for All File Types in Box
We would like to have the ability to specify all file types in the file criteria for auto classification. Since there is currently no way to cascade classifications to all files excluding folders (categorizing confidential info on a file-by-file basis), I would like a feature where all files can be classified.
With the current individual extension specifications, it is not possible to use wildcard characters, so we would like to reduce the potential for information leakage due to intentional extension changes.
2 votes -
Shield Malware Threat Detection False Positives on Excel Documents with Macros
Multiplan (160k ARR) turned on Malware Deep Scan and was getting 3-5 false positives per day because users across multiple departments often work on Excel Documents with Macros. Due to their process, users need to upload new versions of these Excel documents daily (they cannot use Version Control to handle this). So the IT team is being pinged every time a new version is added. This has been so overwhelming that the IT team has turned off Malware Detection. They will enable again if Macros are not accidentally flagged as potentially malicious.
41 votesFalse positives detections are a possibility with any malware detection tool. At Box, we want to make sure our customers have controls to manage alerts that are generated and stop any unnecessary noise. We have some additional detection filters for our malware detection rule on the proposed roadmap for this year.
-
block an upload by external user using Box Drive with smart access
The current Shield feature only controls downloading, cannot blocks uploading/syncing and is not ransom-proof. The biggest problem is that when external users use BoxDrive and BoxSync, ransomware-infected files are uploaded/synchronized on Box.
21 votes -
File criteria exclusion list for Box Shield classification policies
When setting up classification policies, Omnicell, Inc., would like to be able to create a list of custom terms to exclude, in addition to the existing ability to designate file criteria that will trigger application of a classification label. This would reduce the number of documents that will incorrectly have a classification applied when auto-classification is enabled. For example, Omnicell has a lot of content with dummy PHI in their environment - this content is allowed to be stored in Box and should not be classified; however, they also want to protect actual PHI that may be stored in Box,…
2 votes -
Provide an exportable report for Shield Admin for each Anomalous Download alert
Every time an anomalous download alert is received, IT would ideally want to share a readily available report (XLSX / CSV) with the affected user's manager as they would know far more about the content and whether this is abnormal behavior. As it stands today, if the alert is not big then a manual list of folders / files is provided, or we have to run a User Activity Report (which can take some time) and then filter and cut down accordingly.
6 votes -
Separate download and print restrictions
We would like to use download and print restrictions in Access Policy separately.
Flexible configurations are required, when we handling sensitive files in Box.ex. We don't want to allow them to edit, but I do want to allow them to print.
7 votes -
Allow Shield Location Rule Restriction By Folder
Currently Shield's Location Restriction rule is applied to the entire EID by user/groups. It would be helpful to be able to set this up by specific folder(s) or folder structure.
Ex. Team A is not allowed to view specific content while in Location X, however Team B is able to. Currently the restriction would be set on the EID level and both teams would be under this restriction.
We could exclude group B or other groups from the rule however Group A would still be restricted from accessing other content within the EID.
1 vote -
Folder path for Malware
Add folder path to the exclusions of the malware scan with Shield. Use case is around safe samples of Malware being housed in Box
15 votes -
Whitelisting file types in Malicious Content scanning in Box Shield
We are currently seeing a large number of non-malicious files being marked by Deep Scan as malicious, resulting in a lot of false positives. These are files such as .gif or .doc. The primary way to reduce the false positive rate would be to improve Deep Scan's scanning capability. However, I think it would also be beneficial to be able to exclude certain file types that are unlikely to include malware (e.g. .gif) from being scanned.
6 votes -
Applying folder exceptions/exclusions to Classification policies
Would like to apply folder exceptions/exclusions to Classification Policies. Currently, we can apply to a selected group of folders, but we have an organizational need to be able to apply a classification policy to all content and add a small selection of folders to exclude from that classification policy.
1 vote -
Additional info in Anomalous Download Shield e-mail notifications
It would be very helpful to see "Previous weekly download amount", "anomalous download amount" and the "delta" on Anomalous download e-mail notifications. We use these to identify notifications that require further investigation, but these are only available by clicking into the reports which make this kind of detection difficult to scale and manage.
1 vote -
Shield alert to show more than 90 days
Currently the Shield dashboard only show up to 90 days of alerts.
I would like to have the option to have all of the past alert and be able to filter it by custom date filter.44 votesImproving the filter options on the Shield Dashboard is on our proposed roadmap for this year.
-
Anomalous Download Alerts for external users
For the Anomalous Download Alerts, I would like it to apply to external users too so that if they are invited to our tenant's folder and they start downloading a lot I get an alert.
16 votes
- Don't see your idea?