Three ways to mitigate risk across your extended enterprise

Previously, we wrote about Box’s 5 beliefs to secure the digital transformation where we highlighted how Box uses these principles to both develop our cloud content management products and manage our own digital transformation.

One of our core beliefs at Box is that your enterprise is the extended enterprise and we wanted to double click into that. Keeping your extended enterprise secure, compliant, and productive is incredibly important because so much of your business depends on its success. However, it’s easier said than done. Here are a few approaches to help keep your business humming without compromising on security, governance, or data protection.

Guardrails, not handcuffs

As the line between internal and external users continues to blur, it is more critical than ever to keep the extended enterprise secure and running smoothly. In order to do this you need two things: systems that enable seamless external collaboration, and controls that are flexible enough to secure it. However, user interactions with security policies and systems must be frictionless to prevent them from finding workarounds in order to get their work done.

Here’s a sample framework for how you can think about this for sharing content:


Earlier this quarter we released the ability for organizations to set the default collaborator invite level to viewer instead of editor and enable or disable email uploads at an enterprise or EID level. We’re excited to announce we also released external access indicators to help users understand if they’ve invited external users into files or folders for collaboration and if they are moving content to folders that are externally accessible.


Check out this on-demand webinar to learn best practices for secure sharing in Box to keep your extended enterprise secure and compliant.

Consistent governance and compliance

The further content sprawls across the extended enterprise and the more information you collect about users, employees, partners, and clients, the more risk your business takes on. Explosive growth of unstructured content and new privacy laws, such as GDPR and CCPA, make it even harder to remain compliant and minimize organizational risk.  

Earlier this quarter we released enhanced retention policy reporting in Box Governance to help organizations quickly gather critical information about files being retained for audits or other compliance initiatives. We’re also excited to announce that following a series of incremental updates over the past year,  Box Governance is now completely GxP validated so you can leverage every type of policy available in Governance for regulated content.  

Learn more about today’s governance and compliance challenges across the extended enterprise and how to tackle them in this on-demand webinar.

(Extended) Enterprise-wide visibility 

Line of sight into (among many other things) how people collaborate, who can access what content, and where content lives is critical to determine where there may be security or governance gaps exposing you to unnecessary risk. Box already offers 12 different types of prebuilt, customizable reports with ~300 events to choose from across user information, security logs, folders and files, etc. going back seven years.  

Earlier this year we added more information for our managed user reports to let admins view roles and permissions, enhancing insight into who co-admins are and their levels of access.  We’re excited to announce we’ve also recently added a filter for files or folders when running user reports for admins to quickly find relevant activity on specific content in their enterprise.


Minimizing organizational risk by keeping your business secure, compliant, and productive across the extended enterprise is no easy task, but Box has focused on this from day one. We pioneered the modern content collaboration experience over a decade ago and continue to find better ways to help properly govern and secure the content that drives your business.

We’ve got an exciting roadmap in place and continue to work on enhancing how our customers secure and govern their data. Join us at BoxWorks 2019 to learn more about what’s to come.