Malware has met its match: Introducing ML-based malware detection

Today, more business processes happen in the cloud than ever before. Digital transformation comes with significant benefits — cost savings, greater flexibility, productivity gains, and improved employee experiences (to name a few!).

But it also brings new security challenges. For instance, the average data breach costs $4.24 million in 2021, a 10% rise from 2020 findings in the Ponemon Institute report. In the first and second quarters of this year alone, the number of ransomware (a specific type of malware) attacks surged by 288%, according to the latest data from the NCC Group. And ransomware costs are expected to reach $265 billion by 2031, when a new attack will happen every two seconds, according to Cybersecurity Ventures. 

We built Box Shield to help our customers combat and minimize these risks. Shield Smart Access helps organizations classify content at scale and put policies in place to prevent accidental data leaks. Shield Threat Detection helps security teams identify potential content- and user-centric threats before they become malicious attacks. And every day, Box Shield automatically classifies 3.6 million files according to customers' classification policies and scans 130 million files for potential malware.

But the security landscape is constantly evolving, which requires constant innovation to stay ahead of potential threats. Today, we announced new deep learning-based malware detection in Box Shield, to help you discover and contain the spread of malware before it becomes a data breach.

Box Shield: Threat Detection

When content is quarantined, bolt-on malware detection solutions disrupt work — plain and simple. But Box Shield lets you go about your business, enabling users to preview files while preventing downloads to stem the spread of malware. To do so, we augment traditional hash-based scanning from external threat-intelligence databases, using new deep-learning technology that looks inside the file to identify more sophisticated malware. And it all happens in near real time.

In the coming months, we'll be delivering enhanced alerts for anomalous user behavior (such as suspicious downloads) to IT and security teams. This will give you more visibility into the significance of the content downloaded. Admins will also be able to give more granular feedback to improve the accuracy of future alerts.

Box Shield: Smart Access

On top of detecting threats, organizations also need to control access to their sensitive content through classification policies and classification-based access controls. Box Shield makes it easy by automatically applying classification policies based on a file’s contents.

In August, we added new enhancements to our popular auto-classification feature:

• Auto-classification based on file type, which includes both common and proprietary file types, so you can protect your own IP as well as regulated data
• Classification of historical content whenever a user views, shares, or downloads it (in addition to auto-classification for new uploads)
• Support for additional info types, including Canada PII (such as Canadian bank account and Social Security numbers)
• Integration with Microsoft Information Protection so MIP labels can be imported as classifications in Box, including encrypted labels (by popular demand!)

In the coming months, we'll be adding classification insights to the user activity report. Also on our roadmap: Access policy monitoring mode, support for information barriers to prevent access where there are conflicting business groups, and new access controls based on classification.

Box Governance

In addition to security, the Box Content Cloud brings you advanced compliance, governance, and content lifecycle management tools. Box Governance offers retention, legal hold, and disposition solutions built for an increasingly complex regulatory environment — so you manage the lifecycle of your content while staying compliant.

But retention policies also need to be flexible, especially in a regulatory landscape that's constantly shifting. This year, we released event-based retention, which lets you automatically apply retention policies based on business event trigger dates, like an employee’s departure or the end of a contract term. While we’ve historically supported folder- and metadata-based retention, the addition of event-based retention is a huge step in providing more flexibility with retention policies. 

We’re also taking important steps to upgrade and scale our reporting capabilities — and add a new type of retention policy that is modifiable to support business agility. Earlier this summer, we enabled you to add folders to an existing retention policy. Next year, we’ll be adding a new type of retention policy that'll let you modify the entire retention policy, with changes applied retroactively. With all these enhancements, we want to give you peace of mind that your retention policies can evolve flexibly with your business.

Admin experience

Even the best software products can't succeed without the expertise and dedication of our IT admins. They're the superheroes who make the Content Cloud work for our customers. 

At BoxWorks, we announced expanded insights and content intelligence to help Box admins manage their content more effectively. This includes e-signature analytics for a deeper dive into individual and enterprise-wide usage of Box Sign, platform insights for better visibility into API consumption, and a workflow report to understand utilization.

Over the past year, we also brought a renewed focus to performance and scale improvements — along with new user and content management tools with self-service and automated options. Building on that momentum, we've added new filters on reports so you get the insights you need even faster.

We're also introducing scheduled reporting so you can schedule reports on a monthly or quarterly cadence, along with the ability to set and save filter settings to easily customize, save, and re-run your own reports.

Want a deeper dive into our new security, governance, and admin capabilities? How about a chance to see them in action? Check out our on-demand sessions from BoxWorks!