Information Technology Services
Box Shield (an add-on module to Box) allows UCOP to further protect its content that is stored in Box. UCOP has policies that automatically classify sensitive data and prevents it from being shared outside the organization. Box Shield enables security enhancements such as Malware protection, tracking Suspicious location logins, Anomalous download behavior, and Suspicious session alert using built in machine learning and user patterns.
Box Shield uses classifications that can be added manually or in some case automatically based on certain sensitive data type in files. Classifications are based on IS3 security standards. The classification levels currently available are P3 and P4. If a classification is added to a file it will prohibit from sharing outside the organization. Shared links are only available to Invited people which means only named collaborators can access the file. You can override the sharing with a justification or utilize an allow list in Box Shield.
Box Shield Security Enhancements
- Malware protection behavior
- If Box detects a file being uploaded has Malware, an alert is sent to Box Shield dashboard where our admins can evaluate the risk. You can still preview this file in Box, but cannot download, open or edit it.
- Suspicious location logins
- If someone logs into Box outside the US an alert is sent to the Box Shield dashboard where our admins can evaluate the risk. Using VPN looks like you are logging in from the US.
- Anomalous download behavior
- Box Shield uses machine learning to track user’s usage. If it detects an abnormality of download behavior it generates an alert on the Box Shield dashboard where our admins can evaluate the risk.
- Suspicious session alerts
- If a user logs in from one location and then within a short period of time from a different location that is not in the same geographical area, then an alert is sent to the Box Shield dashboard where our admins can evaluate the risk.