pogonici - Fotolia

Box Shield adds tighter controls for content sharing

New Box security features enable file- and folder-level access control, while admins and security staff get machine-learning tools to discover and investigate anomalous activity.

Cloud content management vendor Box plans to release security features in the fall that provide more controls for file sharing and employ machine learning to watch for unusual activity around sensitive content.

Previewed last October, the latest features, called Box Shield, are broken down into two main sets, Smart Access and Threat Detection. The former improves Box's access control system while the latter provides better protection against hackers.

Box decided to release Box Shield in the fall after it underwent four cycles of beta testing, Jeetu Patel, Box's chief product officer, said this week. "We added capabilities we hadn't even thought of [until] customers gave us the ideas."

Smart Access lets admins set policies to restrict content access and sharing for people inside and outside an organization, Patel said. Other employees can set similar restrictions at the file level.

Tighter content controls are essential because corporate workers share content across many departments, from R&D, marketing and sales to human resources and legal, Patel said, both inside and outside of the organization. Each department has its unique need to quarantine sensitive material at the file and folder level.

 Box Shield Smart Access controls screenshot
Box Shield 'smart access' controls can be set at admin level and can, among other things, prevent employees from downloading intellectual property and sharing it outside the firewall.

Threat Detection is a monitoring system that employs machine-learning algorithms to understand what content is sensitive to an organization. The system then watches for and reports on anomalous activity, which data-security investigators can review.

Threat Detection also identifies whether malicious internet sites try to access a company's content. The system does that by flagging unusual activity, such as sites downloading files in quick succession from countries on separate continents. Such behavior can indicate state-sponsored hacking, experts said.

While Threat Detection improves Box security, the company, along with its competitors, has yet to provide seamless content security policy enforcement for documents flowing between an enterprise's applications and infrastructure platforms.

"That's a fundamental problem with security in general -- how to do it in a way that's not a pain. It's not easy," Garrett Bekker, an analyst at 451 Research, said.

Box competes with file-sharing applications such as Microsoft OneDrive, Google Docs and OpenText Core.

Dig Deeper on Content collaboration