We have expanded our partnership with Box, a leader in cloud collaboration and file sharing, to provide further visibility and policy enforcement options for governing sensitive content in Box. You can now automatically identify, classify and govern your sensitive data with native Box Governance Security Classification using industry-leading Symantec CloudSOC CASB[1] and Symantec Cloud DLP[2]. By partnering with Box on integrated solutions, we offer you the advantage of using the native Box capabilities with the automation of CASB policy controls and the fine-tuned, enterprise-wide content policies of DLP.
Get Started
Once you have a Box Governance subscription and Symantec CloudSOC you can easily classify content types based on the security criteria you want and control how those files are shared.
Step One: Set Up Security Classification in Box Governance
Start by setting up file classification labels in Box Governance Content Controls. Here you name the classification; set up visual cues for end users to identify types of content and provide additional information on what to do with this type of file; and specify the Box sharing policy for this type of data.
Step Two: Accurately Identify File Content
Since Symantec DLP is the industry-leading enterprise DLP solution in the market, you may already have a Symantec DLP policy tuned to identify specific classes of data for your organization. If so, just leverage the policies you already have for Box. If you don’t already have a matching content policy in place, you will want to create one. Symantec DLP offers an extensive array of content identification technologies to help you accurately identify what type of content is in a file – one of the reasons we think it does so well in Gartner’s Magic Quadrant.
If you are not using Symantec DLP, you can create a ContentIQ profile directly in CloudSOC. ContentIQ profiles are easy to set up and are highly accurate thanks to the machine-learning in the ContentIQ DLP engine native to CloudSOC. In addition to automated classifications, ContentIQ can apply data science that learns to identify forms specific to your organization. And if you want to add custom dictionaries and regular expressions, that’s available too.
Step Three: Activate Automated Classification Policy Control
Put all the pieces together with a CloudSOC policy that will automatically inspect file content based on your DLP policies and apply the appropriate Box Security Classification.
An Integrated Solution in Action
Once you’ve completed the above setup, here’s how it will operate:
- A user uploads or modifies a file in Box.
- CloudSOC is alerted of a new file to inspect in Box through an API integration.
- CloudSOC inspects that file using either a native ContentIQ profile or integrated Symantec DLP Cloud.
- If the file matches content inspection criteria, CloudSOC triggers the Box API to apply the security classification label.
- Box tags that file with the appropriate classification label and enforces the established permissions for file sharing.
Please also visit the Box Blog for more on their committment to delivering secure, centralized, cloud-native content services and our partnership. Learn more about CloudSOC on Symantec.com.
[1] Forrester WaveTM: Cloud Security Gateways, Q4 2016
[2] Gartner Magic Quadrant for Enterprise Data Loss Prevention, 16 February 2017