Skip to main content

Box wants to help keep your data safe in the cloud

Box Security
(Image credit: Box)
Audio player loading…

The cloud storage (opens in new tab) company Box (opens in new tab) has announced that it has added advanced security features to its Content Cloud (opens in new tab) in an effort to prevent accidental data leaks and further protect content in the cloud.

These features include enhanced auto-classification functionality that extends to existing content, new handling capabilities for Smart Access controls in Box Shield and a set of security improvements to its core product including identity and permission management updates.

Since its release in 2019, Box Shield (opens in new tab) has helped organizations reduce risk and proactively identify potential insider threats or compromised accounts. Box has continued to add new features and functionality to the service to bring built-in controls and threat detection directly to user's workflows.

Now though, the company has extended Box Shield's auto-classification (opens in new tab) to existing content in Box. Powered by advanced machine learning (opens in new tab), this feature will automatically apply security classifications to active content as users upload, edit, move, copy, share or add new collaborators.

Smart Access and single sign-on

As 82 percent of organizations plan to allow their employees to continue working from home according to a survey (opens in new tab) from Gartner, IT teams need to focus on increased security and productivity to support this hybrid model.

To securely power hybrid work (opens in new tab), Box Shield now allows IT admins to define Smart Access policies to restrict access to documents that may contain sensitive or proprietary information. These policies can be created to limit access to internal users only, to prevent downloads and publish shared links and more. However, with the new Box Shield Smart Access policy exception support, end users will be able to override sharing restrictions with approved and IT-sanctioned business justifications and all of these exceptions are logged for auditing purposes.

Box has also strengthened its core security functionality with improved support for single sign-on (SSO (opens in new tab)). Admins will now be able use the updated SSO configuration tool in the Admin Console for self-serve certification management. This allows organizations leveraging an SSO integration to review, rotate and delete the security certificates necessary to validate assertions from identity management (opens in new tab) providers such as Okta, Azure AD, OneLogin, Ping and more. At the same time, Box also provides automatic reminders when SSO certificates will expire.

Chief product officer at Box, Varun Parmar provided further insight in a press release (opens in new tab) on how the company's new security features will support hybrid work, saying:

“While a return to the office is now conceivable, the new work styles that have emerged during the remote work era are here to stay. The future of work is hybrid and this requires a new approach to securing content from anywhere without slowing down work. With today’s announcements, we are extending the power of Box Shield, along with our core security product, by implementing new and enhanced features to the Box Content Cloud and providing businesses with one secure platform for managing and securing all of their information in the cloud.” 

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.