New Box security features aimed at user, device and content protection

The announcement includes new partnerships with data loss prevention vendors

Box is rolling out several new security features aimed at making its 150,000 business customers feel more confident in its cloud storage and file sharing service.

The new capabilities address end users, devices and content.

"Our high level goal is to meet existing and anticipate future requirements of enterprise customers in using our secure environment," said Whitney Bouck, enterprise general manager at Box. "These are things we know our customers will want to take advantage of."

At the end user level, Box will now let IT administrators have more granular control over granting or withholding employees' ability to share a folder with individuals outside of the company.

Previously, IT administrators were able to control this capability at a group level, but as of Monday they will be able to enable or disable this feature for individual users.

In an attempt to give IT departments more control over the devices employees use to access Box, the company will let administrators hand-pick approved smartphones, tablets or laptops. This feature, which Box calls "device pinning," will be available in the coming weeks.

To boost device security, Box will be one in the first wave of adopters of Samsung's new Knox security technology for its smartphones and tablets, which was announced on Monday at the Mobile World Congress in Barcelona. This is expected to be available next quarter, according to Box.

Another device-security enhancement is a new, algorithm-powered feature designed to detect suspicious log-in attempts, which is also slated for availability next quarter.

The new features are being added at no extra cost to the Business and Enterprise editions of the service.

For content security, Box is adding new partnerships with data loss prevention (DLP) vendors Code Green Networks and CipherCloud, which build upon a similar agreement with Proofpoint announced last year. These integrations with DLP systems let IT administrators establish policies and controls for the movement and distribution of corporate content via Box.

Box on Monday also announced the availability of its previously announced integration with GoodData's cloud-based business intelligence and analytics software.

Box's moves to boost its security features demonstrate an investment in its infrastructure that will allow enterprises and government agencies with strict security requirements to consider its product for content management and collaboration, said Alan Lepofsky, a Constellation Research analyst.

"This is a necessary step in Box's evolution to move beyond being just a file sync and sharing vendor," he said via e-mail.

Vanessa Thompson , an IDC analyst, said Monday's announcement is a good follow up to the security enhancements announced last year, and highlighted as particularly interesting the device-pinning feature.

Box, which is privately held, recently said that it grew its revenue 150 percent in 2012, compared with 2011, and that it added to its roster of large enterprise customers companies like Discovery Communications, Electronic Arts, Johnson Lambert, McCann Worldgroup, MGM Resorts International, Netflix, Nationwide and Random House. More than 15 million end users use the Box service. Box CEO Aaron Levie told Bloomberg in January that the company plans an IPO, probably for next year.

Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.

Join the CSO newsletter!

Error: Please check your email address.

Tags applicationssecuritysoftwareBox.netcollaboration

More about BloombergDLPElectronic Arts AustraliaIDC AustraliaIDGMGMNetflixProofpointRandom HouseSamsung

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Juan Carlos Perez

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place