Box, Inc. announced the
availability of several enhancements to Box Shield, the company's
flagship security solution for protecting content in the cloud. These
include an introduction of its new Ethical Walls feature, which creates
information barriers to help prevent conflicts of interest and improper
use of insider information, and advancements to its malware scanning
capability to help reduce the risk of malicious attacks. Additionally,
Box added new authentication and verification controls to its platform
to provide customers with greater protection against unauthorized
account access.
"With the median cost of a cyberattack
rising by nearly 30 percent over the past year in the U.S. and Europe,
the complexity and number of attacks are increasing along with the cost
to businesses," said Julien Soriano, Chief Information Security Officer
at Box. "At Box, our mission is to provide one trusted platform to
securely manage content from anywhere, and today, we are delivering on
this commitment by offering customers new and enhanced native security
tools that help minimize the risk of malware before it causes costly,
widespread disruption. By leveraging the power of machine learning, we
are continuing to build a Content Cloud that lowers response times to
attacks and reduces the likelihood that content falls into the wrong
hands."
Enhancements to Box Shield
Box Shield
helps prevent data leakage and proactively identifies potential insider
threats or compromised accounts. Companies like Broadcom and Beacon
Capital are using Box Shield to secure their data in the cloud. To
bolster Box Shield, Box is introducing its new Ethical Walls
capabilities to help customers in highly regulated and security
conscious industries, like life sciences and financial services, comply
with legal standards and regulations that prevent the improper exchange
of information. Generally available today, customers using Ethical Walls
can now:
-
Create information barriers, which group users based on
business segments, and create mono or bi-directional restrictions on
their collaboration. This allows admins to restrict information sharing
that could result in questionable or conflicted business activities,
which could create ethical or legal challenges.
-
Generate collaboration reports, which help admins understand
which existing collaborations are violating their organization's
information barrier policy and thus will be removed once the policy is
enabled. This helps admins see the potential impact of creating an
information barrier prior to deployment, so that they can adjust as
needed to avoid losing important collaborations.
-
Communicate restrictions to employees, which helps protect
restricted content in a frictionless way by clearly stating to end-users
who can and cannot be invited to specific content and why. This gives
admins the ability to educate all employees on additional ways to keep
company information secure and compliant.
In 2021,
Box brought malware deep scan detection to Box Shield and over the past
year Shield has scanned over 7.5 billion files and helped security
teams identify over 450,000 malicious files. Today, Box is adding even
more functionality to its malware deep scan capability including:
-
An improved algorithm, which uses machine learning to detect even
more sophisticated malware and gives increased accuracy to file scans.
This allows admins to automatically detect suspicious activity faster
with less false positives and intervene before it becomes a larger
problem.
-
Additional file types, including Microsoft 365 files will now be
supported and subject to malware identification. This greatly expands
Box Shield's malware deep scan coverage to include some of the most
prevalent file types used by customers.
-
Richer insights and granular controls, including granular
download restrictions to provide admins with more flexible controls and
more detailed alert messages which help admins investigate incidents
quicker and cut down on threat response times.
Box Shield is also delivering new innovation to help customers prevent
accidental information leakage. Generally available today, Box Shield
admins have access to:
-
New classification reports, available on-demand or on a schedule,
that offers insight into how content is being classified across your
organization. With added insight into how content is being classified,
security teams can easily ensure that content is being handled
appropriately across the full organization.
-
Additional classification icons, which provide a simple and clear
way to identify classified files in Box. These help security admins
improve communication within their organization and makes it easy to
identify classified content at a glance.
-
Suspicious location detection exemptions, which enable
admins to suppress or disable suspicious location alerts for select
users, groups, or known travel to a location deemed "suspicious,"
occurs. These exemptions help security teams reduce the number of
unnecessary alerts.
Bolstering Box's Core Security Platform
Additionally, Box also announced the general availability of new
features and functionalities to enhance the robust security embedded
within the Box Content Cloud to achieve and align with the Zero Trust
model. These include an additional multi-factor authentication (MFA)
option through email and customizable group-based device trust policies.
The introduction of group-based policies gives admins even more
granular controls, enabling them to more precisely tailor security
policies to the needs of their user population as well as helping them
test and roll out new security policies in a frictionless manner.