Box delivered more advanced security features to prevent accidental data leaks and protect content in the cloud.
These include enhanced auto-classification functionality that extends to existing content and new exception handling capabilities for Smart Access controls within Box Shield.
Box also rolled out a set of security improvements to its core product including identity and permission management updates.
While a return to the office is now conceivable, the new work styles that have emerged during the remote work era are here to stay,” said Varun Parmar, Chief Product Officer at Box.
“The future of work is hybrid and this requires a new approach to securing content from anywhere without slowing down work.
“With today’s announcements, we are extending the power of Box Shield, along with our core security product, by implementing new and enhanced features to the Box Content Cloud and providing businesses with one secure platform for managing and securing all of their information in the cloud.”
“The past year fundamentally shifted the way we work, while simultaneously creating new security challenges for customers around the world,” said Chris Niggel, Regional CSO Americas, at Okta.
“At the core of our transition to a Dynamic Work model is the need to ensure that security remains top of mind while having the flexibility to support a dispersed workforce.
“With the power of Box, we can ensure that our content remains in the right hands while being able to securely collaborate from anywhere and on any device.”
Box Shield helps reduce risk and proactively identifies potential insider threats or compromised accounts.
Since the release of Box Shield in October 2019, Box has added new features and functionality to bring built-in controls and threat detection directly to workflows in Box.
In addition, all Box customers have access to the robust security and privacy controls embedded within the core Box product.
Building on this innovation, Box announced the following features and enhancements.
Deepening auto-classification features to prevent accidental data leakage
Businesses already use Box Shield to help prevent accidental data leaks through a system of manual and automated security classifications for files, folders, and classification-based access policies.
“When it comes to data loss prevention (DLP), organizations are demanding tools that are easy to administrate and simple for employees to use,” said Frank Dickson, Vice President of Cybersecurity Products Research at IDC.
“Bolted-on solutions that impede productivity create a shadow IT risk as employees find workarounds to get their job done. By integrating Box Shield natively into their collaboration platform, Box is addressing the problem of complexity associated with implementing and administering DLP and turned it into an intuitive product, built for the end user.”
Box has enhanced classification in Box Shield with the following:
- Powered by advanced machine learning, auto-classification in Box Shield now extends to existing content in Box. With these enhancements, Shield auto-classification extends to active content as users upload, edit, move, copy, share, or add new collaborators.
- A deepened integration with Microsoft Information Protection (MIP), which imports Microsoft’s classification labels and enforces classification-based, inline security controls within Box. Announced in March, the integration enables customers across the two platforms to ensure that only authorized users get access to confidential data and that sensitive information is not shared unintentionally.
- Box Shield has also created more granular classification modification permissions, which gives security and IT admins the ability to choose who can modify the way content is classified.
Increasing security without slowing down work
According to a Gartner survey, 82% of company leaders surveyed plan to allow employees to continue working remotely at least some of the time.
With the ongoing need to support this hybrid model, IT teams need to focus on increased security as well as enabling business productivity.
To securely power this new way of working, Box rolled out the following enhancements which are generally available to all Box Shield customers:
- Box Shield allows IT admins to define Smart Access policies to restrict access to documents that may contain sensitive or proprietary information. Policies can be created to limit access to internal users only, prevent downloads and public shared links, and more.
- With the new Box Shield Smart Access policy exception support, end users are able to override sharing restrictions with approved and IT-sanctioned business justifications. All exceptions are logged for auditing purposes.
Reducing friction with improved support for single sign on (SSO)
Additionally, Box strengthened its core security functionality with deepened SSO support to reduce friction for IT admins and power critical business processes. Generally available this includes:
- Admins will be able to save time with self-service SSO functions which previously required additional Box support. The updated SSO configuration tool in the Admin Console will support self-serve certificate management. This allows all organizations leveraging an SSO integration to easily review, rotate, and delete the security certificates necessary to validate assertions from identity providers like Okta, Azure AD, OneLogin, Ping, and more.
- Group mapping so that customer groups in their identity provider can be auto-populated within Box, reducing the time it takes to set up an SSO provider. This includes customers using Google Cloud as their identity provider.
- Automatic reminders when SSO certificates will expire to ensure business and enterprise account holders enjoy uninterrupted access to the content they need.
These updated features are part of a larger series of security enhancements that Box began announcing at the beginning of last year.
In February 2020, Box created a new add-on for Splunk in Box Shield, made advances to the Shield dashboard, improved automated classification with Box Relay, and enhanced the end user classification experience.
Later that summer, Box added native malware detection support and announced the addition of intelligent, automated classification to Shield to automatically scan files and classify them based on their content.