Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
29 results found
-
Auto Classification policy does not work when folders are copied or moved
We would like to improve the behavior so that the auto-classification policy works correctly for files within the folder, even if the folder is copied or moved.
【Details】
Currently, the Auto Classification policy works correctly when files are copied or moved, but not when folders are copied or moved.
For example, if a ".dwg" file is stored in the "Technical Information" folder, there is an automatic classification policy that assigns the label "Technical Information" (not for external collaboration).
In this case, when a file with a .dwg extension is moved from the "Outside Shared" folder, it is automatically assigned the…31 votesUnfortunately classifying child items upon move/copy operations of the parent folder is not being considered at this time.
-
Export Control (ITAR/EAR) support by Box Shield (Increase the maximum number of Shield Classifications & Applying a classification label to
In the case of having global offices/teams, contents related to Export control are dispersed globally. However, the contents need to be in compliance for Export control.
The following two enhancements work well for supporting ITAR/EAR with dispersed contents in one Box entity:
1. Increase the maximum number of Shield Classifications - There is a limitation Classification (it's 25) now. To create combination label via country-base for ITAR/EAR, it requires a larger number of classifications.
2. Applying a classification label to a specific group - this ability is required to support large number of Classification (above enhancement).22 votes -
Require approval when sharing content with a business justification
Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.
33 votesNot on the roadmap for FY25, will evaluate for FY26
-
Allow Shield List of Countries Usable for Access Policies
There may be certain countries a Box customer may be prohibited from sharing with under any circumstance. I suggest making it possible to whitelist or blacklist entire countries by allowing Shield Lists of countries to be included in Access Policies.
16 votesNot a priority. Will revisit in 6 months.
-
Shield classification user permissions
Request to make classification application settings specific to the classification. Currently, the setting for who can apply/remove a classification is for all classifications, but there are cases where it would be helpful that a classification to be only applied by owners and other where co-owner, or even editor would be allowed to apply certain classifications.
Examples:
1. A classification tied to a Shield access control rule that only owners can apply or remove
2. A classification tied to a Shield access control rule that owner/co-owners can apply or remove
3. A classification identifying a type of content that owners/co-owner/editors can…17 votesNot a priority. Will revisit in 6 months.
-
Make Shield Lists Accessible via API
Shield lists are not currently editable using an API endpoint. In order to make it possible to automate adding and removing entries to lists, I suggest making it possible to create/view/edit/delete shield lists using the Box API.
13 votesNot a priority. Will revisit in 6 months.
-
Block file extensions lists in Shield malware detection
As part of Governance it is possible to move certain file types to a Quarantine folder. This is useful for a lot of ransomwares, as they change the extension of files.
Currently this "old" functionality has not yet been moved to Shield. Shield does have a malware detection, which uses threat detection technology. We would like to have the ability to extend this with a list of known extensions.
8 votes -
Ability to exclude domains from autoclassification trigger
As a user, I want to be able to exclude my company domains from the Shield email address autoclassification trigger, so that policies are not being applied to internal emails, just external PII
5 votesNot a priority. Will revisit in 6 months
-
Show Auto-Classification Criteria Matches on Classification Label On File
Auto-classification matches are currently stored within metadata on a file. If auto-classification classifies a piece of content, we'd like for the classification label indicator on a file (or hovering over the label) to show what criteria was met which requires a specific label. The purpose of this is to have a visual indicator to reinforce the sensitivity of content within a file.
5 votes -
Allow custom Shield classification order
As a user, when I apply a classification, I want to see them in order of sensitivity, as opposed to alphabetical
4 votesNot a priority. Will revisit in 6 months.
-
I would like to be able to change from a classification with a strict policy to a classification with a loose policy. The reverse should be
For the purpose of strictly protecting confidential information, we want to make it impossible to change from strict to loose permissions, even for users who have the authority to change classification labels. However, with the current Shield function, it is not possible to set the priority of changeability.
One possible way to achieve this is to allow users to set rankings for classifications or policies, and to limit the direction of the rankings.3 votesNot on the roadmap for FY25, will evaluate for FY26
-
Block single user
Our security has deemed a single email as suspicious. We would like to block this single email from connecting to our Box, or being collaborated into our Box.
With Shield we can block the whole domain, but that approach is too broad and would limit too many valid email addresses.
7 votesNot a priority. Will revisit in 6 months.
-
Restrict Collaboration for Individual External User
Customer would like to have the ability to block individual external users from collaborating on their enterprise content. The external domain allow list is too broad if only one or two external users need to be blocked from collaborating on content.
11 votesNot on the roadmap for FY25, will evaluate for FY26
-
Option for Shared Link Restriction on new links only
We would like the option to apply the shared link restriction to "new links only" so that current links are not overwritten. This would be similar to the External Collaboration Restriction option to apply to "only new external collaborations"
1 voteNot on the roadmap for FY25, will evaluate for FY26
-
Auto classification of files/folders based on metadata and comments
It would be helpful if Box's auto classification feature were able to trigger file classification (and thus, security controls) if metadata on a file/folder is sensitive in nature or if a file has comments/tasks/annotations that contain sensitive information.
2 votes -
Increase the maximum number of Shield Classifications beyond 25 so that we can classify each clients content to prevent mis-sharing
I would like to see the ability to add Shield Classifications per client - with the appropriate access policy (restricting to client email domain) we could avoid any possibility to overshare when inviting the wrong clients into a folder or sharing a shared link - There is a maximum number of classifications of 25 so could this be extended to facilitate this use case/control.
25 votesWe will have a different solution to address the use case.
-
File Security Classification, non-compliance label
When viewing a folder, it is currently not possible to know if there are files within the folder structure that have a differing classification label from the one at the root level. This "non-compliance" could potentially be problematic, or even a signal that someone has inadvertently changed a classification. It would be nice to have some kind of visual indicator that the top-level classification label is not 100% cascaded throughout the folder/file structure below it in the waterfall.
2 votes -
Auto Classification Based Off Uploader
Automatically classify content based off uploader of document. Use case: anything a legal team member uploads should automatically be classified as confidential
1 vote -
Tale over the settings in shield trial mode
Currently, the trial mode classification and settings will disappear at the end of the trial period.
If we have a Shield contract, we would like to take over its classification and settings.By eliminating the need to set them up again in the production environment, we can make a smooth transition.
4 votesNot planned for FY23. Will reconsider for FY24.
-
Box Shield inherit classification on move/copy, not only on upload
Box Shield needs to have the ability for files to inherit the classification of the containing folder during a move or copy. Currently, a file will only inherit the classification if it is uploaded to the folder with a certain classification. Example:
File A has a classification of "Confidential" and is moved/copied to a folder that has an "Internal" classification. File A will not automatically inherit the "Internal" permission, and it either needs to be manually changed to "Internal", or have the entire containing folder re-classified as "Internal" so that all containing files then inherit the "Internal" classification.
However, if…
3 votes
- Don't see your idea?