tiagozr - stock.adobe.com
Box has added data loss protection features to its cloud-based collaboration platform. Called Box Shield, the product adds a set of content security controls and intelligent threat detection capabilities that the company claims can be used to power secure collaboration and workflows.
“The pace of business today demands that every enterprise move its content to the cloud to power collaboration and drive business processes both inside and outside the organisation,” said Jeetu Patel, chief product officer at Box. “Box Shield is a huge advancement that will make it easier than ever to secure valuable content and prevent data leaks without slowing down the business or making it hard for people to get their work done.
“With Box Shield, enterprises will receive intelligent alerts and unlock insights into their content security with new capabilities built natively in Box, enabling them to deploy simple, effective controls and act on potential issues in minutes.”
Box Shield offers both manual and automated security classifications for files and folders, and classification-based access policies. Account administrators can define custom classification labels and policies per label that combine multiple security controls.
Box Shield supports shared link restriction that limits who can access shared links. It also offers external collaborator restriction, which limits external collaboration to approved lists of domains or will completely block it based on the sensitivity of the content. There is also a download and FTP restriction setting to prevent downloading, or downloading via a file transfer, sensitive files and folders.
Box said the new security features use machine learning to identify and alert IT admins of potential threats, such as anomalous downloads, suspicious Box sessions and access from suspicious locations.
Box Shield integrates with security information and event management products from Splunk, Sumo Logic, AT&T Cybersecurity and IBM, as well as cloud access security broker tools from Symantec, McAfee, Palo Alto Networks and Netskope.
Garrett Bekker, principal analyst for information security at 451 Research, said: “Investments in native security controls by cloud platform vendors can provide useful and timely insights and serve as a valuable complement to an organisation’s overall security portfolio.”