Box Inc. today moved to secure the content flowing through its namesake document sharing and management platform by making available Box Shield, a set of threat detection and governance controls that can be applied to any type of file.
Jeetu Patel, chief product officer for Box, said Box Shield provides a frictionless means of applying controls that can be implemented either by cybersecurity teams or individual end users regardless of the size of the organization. That approach eliminates the need to rely on cumbersome third-party frameworks to secure content residing in the Box cloud service, he said.
Box Shield makes it possible to either automatically or manually classify data in a way that restricts who can access a file or the means through which it can be shared, Patel added.
Box Shield also makes use of machine learning algorithms developed for Box Graph to discover anomalous behavior spanning everything from suspicious downloads and sessions to files being accessed from unusual locations, he said. Those tools not only restrict access, but they also provide an audit trail that enables cybersecurity teams and auditors to determine what documents might have been shared when and by whom.
In addition, the alerts generated by Box Shield can be integrated automatically with security event information management (SIEM) platforms from Sumo Logic, AT&T Cybersecurity and IBM, as well as cloud access security brokers (CASBs) from Symantec, McAfee, Palo Alto Networks and Netskope.
In general, the capabilities of Box Shield are extensible because of what Patel described as a set of structural Box differentials that make it possible to apply controls through any Box client or applications invoking Box application programming interfaces (APIs).
While the sharing of confidential information can be the willful act of a malicious insider, most breaches are inadvertent. There often are too many versions of a document floating around for everyone involved in a workflow to remember what level of classification needs to be applied to each one. By embedding Box Shield within its cloud service, Box is making it easier for controls attached to a document to remain with it as it moves around and between organizations.
The Box cloud service is already being employed by 65 million users working at more than 95,000 organizations, so as the usage of Box Shield increases, there should be some level of decline in the number of data breaches that today occur all too regularly. Less clear is to what degree adoption of Box Shield will be mandated by cybersecurity teams versus simply adopted by end users looking to protect sensitive data in a way that doesn’t adversely impact personal productivity.
Regardless of how it’s achieved, the level of cybersecurity fatigue that gets reduced due to a decline in the number of incidents that need to be investigated is likely to spark a lot of interest from cybersecurity professionals who would prefer to focus more of their time and effort on much more serious incursions.