Introducing intelligent, frictionless content security with Box Shield

Work today happens faster than ever, and that makes the challenge of protecting your most sensitive data even more complex. As your valuable information flows in and out of the organization - across teams, partners, vendors, and customers - the old-school approach to information security no longer gets the job done. 

That’s why we built Box Shield - to help you reduce risk and protect the flow of information without slowing down your business.

How does Box Shield work? First, it helps you prevent accidental data leaks through native classifications within Box, and a set of access controls:

Classify your critical content: Whether you’re dealing with PII, patient healthcare data, or confidential HR and finance documents, Box Shield lets you classify files and folders your way: manually or automatically. These labels, which are visible within Box, help educate teams about your company’s security policies.

Prevent data leaks, drive productivity: Box Shield allows you to place security controls close to your content, preventing leaks in real-time while powering a simple, frictionless experience for your employees. Admins can define granular access policies per label that combine multiple controls, such as:

• Shared link restriction: Specify who can access shared links. For example, when a file is labeled [Internal], you can restrict sharing to within your organization only.
• External collaborator restriction: Limit external collaboration to approved lists of domains, or block it completely based on the sensitivity of the content. For example, when a file is labeled as [Restricted PII], external collaboration is only allowed with business partners that are approved data processors.
• Download restriction: Restrict file or folder downloads across specific applications. For example, prevent download of a file when people are accessing from the Box web app, mobile, and/or Box Drive.
• Application restriction: Specify which 3rd party applications and custom apps can download sensitive content from Box.
• FTP restriction: Restrict FTP transfers and uploads of files and folders.
• Print restriction: Prevent printing from Box previewer.

"At IU, sensitive information changes hands thousands of times each day on our campuses with over 100,000 users and thousands of collaborators around the world. With the introduction of Box Shield, we can apply native data classifications and design policies aligned to our own business and compliance rules. By protecting content with precision, we can help IU reduce risk without compromising speed and collaboration.” - Bob Flynn, Manager, Cloud Technology Support at Indiana University. 

Empower your security team with intelligent detection: Box Shield also helps customers detect abnormal and potentially malicious behavior from internal and external threats. Powered by Box’s machine learning and deep understanding of how people collaborate on Box, Box Shield brings you timely, accurate alerts on:

• Anomalous downloads: Receive real time, contextual alerts when unusual user behavior is detected that indicates attempted data theft, such as notable changes to download behavior.
• Suspicious sessions: Detect a potentially compromised account based on a rapid change in an employee’s location­, as well as additional context about the browsers, devices, and Box applications that they typically use. For example, if someone is downloading a file in London and then sharing a different file from Singapore 5 minutes later, it’s possible their account is compromised.
• Suspicious locations: Detect access or downloads happening in untrusted locations or high-risk countries that are determined by a security team’s policy-defined whitelists or blacklists of locations and IP ranges.

Complement your existing security investments: Box Shield can plug into the best-of-breed security tools you already have, helping you build a powerful cloud security portfolio. Contextual alerts from Box Shield, containing more actionable insights than ever before, can be integrated with your current SIEM and CASB solutions for monitoring and further analysis.

"Organizations of all sizes are increasingly aware of the need to secure critical information and protect against threats without compromising user experience. Investments in native security controls by cloud platform vendors can provide useful and timely insights and serve as a valuable complement to an organization’s overall security portfolio.” - Garrett Bekker, Principal Analyst for Information Security at 451 Research. 

Box Shield is in private beta and will be generally available in the fall of 2019. To learn more about Box Shield and see it in action, join our deep dive virtual webcast on August 29, 2019.