Automated, workflow-driven classification with Box Relay and Box Shield
Happy New Year!
It's the time of year for resolutions, checklists, and planning for what the world has in store. With the average cost of a data breach projected to exceed $4M, it's no surprise if cloud security figures in the top three of every IT pro's checklist. Another stat that's sure to raise eyebrows: over half of all data breaches stem from negligent or maliciousinsiders.
Insiders, by definition, have opportunity and access to an organization's most critical information — intellectual property, client data, etc. Breaches happen when content security is either absent or not appropriate to the sensitivity of the information, leaving it exposed for periods of time. Often, this happens when content security gets applied manually and fails to catch up with the pace at which content was introduced and processed within an organization.
To this end, we're excited to introduce Automated Classification with Box Relay! This capability enables organizations to automatically secure content right when and where it's created or touched, by incorporating security classifications into automated workflows.
As you may recall, Box Shield launched last October, giving organizations the ability to classify critical content, apply granular access policies, and prevent leaks of sensitive data resulting from negligent or malicious user behavior. For example, content could be classified as 'Internal' with an associated Smart Access policy that restricts sharing to company employees only. Box Shield enables users to apply such security classification labels to their files and cascade them to folders in an easy, frictionless way.
With the new 'Automated Classification with Box Relay' capability, we have added the ability to auto-apply pre-established classifications to content as an outcome of a Relay workflow, as well as auto-trigger Relay workflows based on changes in content classification.
Automated Classification with Box Relay:
- Enables you and your organization to systematically apply classifications to content at scale
- Extends the reach of your security policies by accelerating adoption of your classifications
- Strengthens overall information security by building it directly into business processes
Let's take a look at a couple of examples of how this capability could apply to your organization:
- Applying content classification: A client onboarding process at a Financial Services firm involves several files — including some that contain personally identifiable information (PII). With this knowledge, the automated onboarding workflow can be set up to programmatically classify specific files/folders as 'Confidential' from the moment they land in Box. A typical access policy for content classified as 'Confidential' would restrict sharing links to invited collaborators only and would disable downloads.
- Triggering on content classification: Consulting firms typically classify client deliverables as 'Internal' until they are ready to be shared with clients. An access policy for this kind of content would disallow sharing with external parties. When the deliverables are ready, the classification is updated to 'Restricted'. This change can automatically kick off the client handoff process — to move the deliverables to the client space, invite client collaborators, assign engagement tasks to the client team, etc.
Whether you’re dealing with PII, patient healthcare data, or confidential HR and finance documents, you can create classifications in Box Shield appropriate to the level of confidentiality required. These classification labels are visible within Box, reminding all users about the importance of securing content as recommended and established by the organization.
Further, Box Shield security policies based on these classifications prevent negligent users from inadvertently leaking sensitive data and block malicious users from carrying out forbidden actions. For instance, Shield can natively prevent employees from accidentally inviting external users to a 'Internal' folder and keep them from downloading 'Confidential' files.
Together, Box Shield and Box Relay let your organization integrate content security in an easy and consistent way that feels natural to the flow of work. You also get peace of mind that your content stays secure in the cloud. Now you get to check that off your list and focus your time and energy on other 2020 priorities!
To learn more, check out our Shield and Relay community pages, or ask your account team about Box Shield and Box Relay as part of our Box Enterprise Suites.