Box adds native security controls to content management

With Box Shield, customers get machine learning-powered threat detection, as well as the ability to set classification-based security policies.
Written by Stephanie Condon, Senior Writer

Box on Wednesday announced a new security product, Box Shield, that natively integrates threat detection and controls into customers' cloud content management. Specifically, with Box Shield, customers can manually or automatically set classification-based security policies to ensure sensitive content doesn't get into the wrong hands. Box Shield also offers machine learning-powered threat detection.  

The new security capabilities are a key part of Box's transition from file storage and collaboration company into a full suite of cloud content management tools. 

Box Shield should help prevent the kind of accidental data leakage that previously plagued some Box customers. As reported earlier this year, some companies using Box exposed sensitive data by inadvertently leaving links to their Box content accessible to the public. 

Lakshmi Hanspal, who joined Box as Chief Information Security Officer (CISO) in January, told ZDNet earlier this year that organizations undergoing digital transformation need "frictionless security," -- in other words, "controls built-in, not bolted on." 

At the same time, she said, Box is aiming to engage with customers early on in their move to the cloud to help them understand that cloud security is a shared responsibility between an enterprise and their cloud vendors. As Box provides more built-in security controls, its customers should understand that "you know your content best," Hanspal said. It's up to customers to use Box's tools to set the right classifications, apply the appropriate corporate policies, and take other steps to protect data, she explained. 

With Box Shield, enterprises can protect data with manual or automated security classifications for files and folders, as well as classification-based access policies. For instance, an account admin could set a "shared link" restriction, limiting who has access to links to content. Also, they could restrict file or folder downloads across specific applications. Admins can also specify which third-party applications can be used to download content from Box. 

Box Shield also uses machine learning to search for abnormal and potentially malicious behavior. Admins can receive alerts about threats such as unusual downloads, Box sessions that are taking place from a strange location or seem suspicious for some other reason, as well as data access or downloads from untrusted locations. 

Box Shield integrates with various other security products that an enterprise may have already invested in. For instance, Box Shield alerts can be integrated with SIEM solutions from Splunk, Sumo Logic, AT&T Cybersecurity, and IBM, as well as CASB solutions from Symantec, McAfee, Palo Alto Networks and Netskope.

The new product is currently in private beta and will be generally available in the fall. 

Related stories:

Editorial standards