Box has unveiled several enhancements to Box Shield, the company’s flagship security solution for protecting content in the cloud.
These include an introduction of its new Ethical Walls feature, which creates information barriers to help prevent conflicts of interest and improper use of insider information, and advancements to its malware scanning capability to help reduce the risk of malicious attacks.
Additionally, Box added new authentication and verification controls to its platform to provide customers with greater protection against unauthorized account access.
“With the median cost of a cyberattack rising by nearly 30 percent over the past year in the U.S. and Europe, the complexity and number of attacks are increasing along with the cost to businesses,” said Julien Soriano, CISO at Box.
“At Box, our mission is to provide one trusted platform to securely manage content from anywhere, and today, we are delivering on this commitment by offering customers new and enhanced native security tools that help minimize the risk of malware before it causes costly, widespread disruption. By leveraging the power of machine learning, we are continuing to build a Content Cloud that lowers response times to attacks and reduces the likelihood that content falls into the wrong hands,” Soriano continued.
Enhancements to Box Shield
Box Shield helps prevent data leakage and identifies potential insider threats or compromised accounts. Companies like Broadcom and Beacon Capital are using Box Shield to secure their data in the cloud.
To bolster Box Shield, Box is introducing its new Ethical Walls capabilities to help customers in highly regulated and security conscious industries, like life sciences and financial services, comply with legal standards and regulations that prevent the improper exchange of information.
Customers using Ethical Walls can now:
- Create information barriers, which group users based on business segments, and create mono or bi-directional restrictions on their collaboration. This allows admins to restrict information sharing that could result in questionable or conflicted business activities, which could create ethical or legal challenges.
- Generate collaboration reports, which help admins understand which existing collaborations are violating their organization’s information barrier policy and thus will be removed once the policy is enabled. This helps admins see the potential impact of creating an information barrier prior to deployment, so that they can adjust as needed to avoid losing important collaborations.
- Communicate restrictions to employees, which helps protect restricted content in a frictionless way by clearly stating to end-users who can and cannot be invited to specific content and why. This gives admins the ability to educate all employees on additional ways to keep company information secure and compliant.
In 2021, Box brought malware deep scan detection to Box Shield and over the past year Shield has scanned over 7.5 billion files and helped security teams identify over 450,000 malicious files.
Box is adding even more functionality to its malware deep scan capability including:
- An improved algorithm, which uses machine learning to detect even more sophisticated malware and gives increased accuracy to file scans. This allows admins to automatically detect suspicious activity faster with less false positives and intervene before it becomes a larger problem.
- Additional file types, including Microsoft 365 files will now be supported and subject to malware identification. This expands Box Shield’s malware deep scan coverage to include some of the most prevalent file types used by customers.
- Richer insights and granular controls, including granular download restrictions to provide admins with more flexible controls and more detailed alert messages which help admins investigate incidents quicker and cut down on threat response times.
Box Shield is also delivering new innovation to help customers prevent accidental information leakage.
Box Shield admins have access to:
- New classification reports, available on-demand or on a schedule, that offers insight into how content is being classified across your organization. With added insight into how content is being classified, security teams can easily ensure that content is being handled appropriately across the full organization.
- Additional classification icons, which provide a simple and clear way to identify classified files in Box. These help security admins improve communication within their organization and makes it easy to identify classified content at a glance.
- Suspicious location detection exemptions, which enable admins to suppress or disable suspicious location alerts for select users, groups, or known travel to a location deemed “suspicious,” occurs. These exemptions help security teams reduce the number of unnecessary alerts.
Bolstering Box’s core security platform
Additionally, Box also announced the general availability of new features and functionalities to enhance the security embedded within the Box Content Cloud to achieve and align with the zero trust model. These include an additional multi-factor authentication (MFA) option through email and customizable group-based device trust policies.
The introduction of group-based policies gives admins even more granular controls, enabling them to more precisely tailor security policies to the needs of their user population as well as helping them test and roll out new security policies in a frictionless manner.