Box Security Overview


                             Information That Should Help You Sleep at Night
                             More than 60,000 businesses use Box for sharing and accessing their data, and we work
                             continuously to earn their trust. Box invests heavily in the security and resiliency of our
                             data center, software, and our entire business operation.

                             We recognize that security has to be integrated in every phase of product development
                             and daily operations. This paper describes some of the many measures and practices
                             that we implement on a daily basis to ensure the security of your business data.

                             It starts by taking an end-to-end look at the path of a file from your desktop to Box
                             storage. We also look at the policies and practices implemented both in our headquarters
                             and our data centers that help us achieve SAS 70 Type II compliance throughout the
                             stack. Finally, we briefly describe the availability and resiliency measures that allow us to
                             offer a 99.9% uptime guarantee.

                             “Box’s security controls and the ability to turn on and off folder access are key for us.”
                             Brian Davis, President, Net Generation

                             Box Sales
                             Call 877-729-4269
                             www.box.net

                             End-to-End Security: Follow the Data
                             One of the best ways to understand the multiple levels of security in Box is to follow
                             the path of a file from your desktop to the Box cloud and beyond, to collaboration and
                             storage in the cloud. So, let’s take a look at what happens when you upload a file to Box.

                             Account Access and Authentication
                             Before any file upload occurs, you have to log in to your Box account. We do everything
                             we can to help businesses implement and enforce the policies they need to protect
                             access to their applications.

                             Strong and Configurable Password Policies
                             Businesses can configure the password policies for their users, including:

                               Password strength factors (minimum number of characters, required counts of
                               numbers, special characters or uppercase characters, restriction from using email
                               addresses)
                               Password resets (a configurable time period)
                               Password re-use restriction
                               Notification after a configurable number of failed attempts
                               Prevention of persistent logins
                               Overall maximum session duration
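
An added example, not Box's code or configuration format: one way an administrator-configurable policy covering the strength factors and the re-use restriction listed above could be checked. The class, field and function names are hypothetical, and the email restriction is assumed to mean the password may not contain the user's address or its local part.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import string
from dataclasses import dataclass


@dataclass(frozen=True)
class PasswordPolicy:
    # Hypothetical field names mirroring the configurable factors in the list.
    min_length: int = 12
    min_digits: int = 1
    min_special: int = 1
    min_upper: int = 1
    forbid_email: bool = True
    reuse_history: int = 5  # number of previous passwords that may not be reused


def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    """Return (salt, digest) so the history never stores plaintext passwords."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest


def violations(password: str, email: str, policy: PasswordPolicy,
               history: list[tuple[bytes, bytes]]) -> list[str]:
    """List every policy rule the candidate password breaks (empty = accepted)."""
    problems = []
    if len(password) < policy.min_length:
        problems.append("too_short")
    if sum(c.isdigit() for c in password) < policy.min_digits:
        problems.append("needs_digit")
    if sum(c in string.punctuation for c in password) < policy.min_special:
        problems.append("needs_special")
    if sum(c.isupper() for c in password) < policy.min_upper:
        problems.append("needs_upper")

    if policy.forbid_email:
        lowered = password.lower()
        address = email.lower()
        local_part = address.split("@", 1)[0]
        if address in lowered or (local_part and local_part in lowered):
            problems.append("contains_email")

    # Re-use restriction: re-hash the candidate with each stored salt and
    # compare in constant time. history[-0:] would be the whole list, so guard it.
    recent = history[-policy.reuse_history:] if policy.reuse_history else []
    for salt, digest in recent:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            problems.append("reused")
            break
    return problems


if __name__ == "__main__":
    policy = PasswordPolicy()
    # Constructed sample history and candidates.
    history = [hash_password("Old-Passw0rd-2011")]
    for candidate in ("ana2011", "Old-Passw0rd-2011", "Tr1cky&Long-Enough"):
        print(candidate, violations(candidate, "ana@example.com", policy, history))
```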




                             © Box, Inc. – 220 Portage Ave. Palo Alto, CA 94306 USA – www.box.net – sales@box.net – 877-729-4269
                                 Single Sign-on
                                 Box offers Active Directory/LDAP integration for Enterprise accounts. This gives
                                 businesses centralized control over user accounts in Box. When a business removes an
                                 individual’s Active Directory account, for example, that person can no longer log in to his
                                 Box account.

                                 Box supports the SAML (Security Assertion Markup Language) 2.0 protocol, which
                                 enables easy integration with multiple identity and cloud SSO providers. SAML is
                                 a federation protocol that lets organizations securely exchange authentication and
                                 authorization information in a trust relationship. Box also supports ADFS 2 (Active
                                 Directory Federation Services).

                                 Box works with several providers of cloud SSO to offer secure single sign-on to the
                                 Box cloud. These providers include Ping Identity (PingFederate), Citrix (NetScaler Cloud
                                 Gateway), VMware (VMware Horizon App Manager), Okta, OneLogin and Symplified.

                                 Box supports multi-factor authentication through these cloud SSO providers or other
                                 third-party MFA services. For more information on strong authentication options, contact
                                 support@box.net.

                                 “Box provides valuable administrative features, which let us easily set granular permission
                                 controls across all our content and all our users.”
                                 Christopher High, Sales & Marketing Development, Alere



                                 Mobile Access
                                 Mobile users can access their Box accounts through mobile browsers or specific Box
                                 applications for various mobile devices (iPhones, iPads, Android phones and others).
                                 Using Box, you can extend corporate SSO and security policies out to mobile devices;
                                 users can log in to Box from a mobile device using corporate single sign-on credentials.

                                 All data passed between the server and the mobile application is encrypted using
                                 SSL. If a mobile device is stolen or lost, the administrative console can cut off access
                                 in real time.



                                 Upload/Transit
                                 Once you have securely logged in, you can upload your file. While upload itself is
                                 simple from the user’s perspective, behind the scenes Box is working to optimize the
                                 performance and security of data in transit.

                                 For Business and Enterprise accounts, the data is encrypted with 256-bit SSL encryption
                                 on file transfer.

                                 For Enterprise accounts, we use multiple Content Delivery Networks (CDNs) such as
                                 Akamai and EdgeCast to speed the process of file uploads from dispersed locations.

                                 The upload opens an encrypted SSL tunnel to the local point of presence for the CDN.
                                 The CDN likewise sends the data encrypted to the Box data center. This strategy takes
                                 advantage of the high bandwidth and TCP optimization offered by the CDNs to provide
                                 better upload performance.

                                 The same general path is reversed on downloads.




                                Within the Application: File Permissions and Audit
                                Once the file has reached the Box service and is ready for sharing, collaboration or storage,
                                it is subject to the authorization and audit security within the application itself.



                                Flexible Permissions
                                Once uploaded to the Box cloud, the file inherits the permissions of the folder or
                                the account that contains it. You can set very detailed access/sharing permissions on
                                the file.

                                  Private/public: By default, files uploaded to Box are private to the file owner. You
                                  must explicitly decide to share files. Files that have been shared can be made private
                                  at any time.
                                  Password protection: You can choose to add a password requirement to a file you are
                                  sharing, so that users need a password to access the file.
                                  Notification: You can configure Box to notify you by email when someone views,
                                  downloads, comments on, edits or uploads files or folders. Notifications can occur on
                                  each event or in daily summary form, depending on your preference.
                                  Links: One way to share files is to send people a link to the file in Box; the links are
                                  unique, randomly generated IDs. You decide whether recipients can download or
                                  simply preview the file.
                                  Time-based access controls: You can set expiration dates for file access.
                                  Collaboration: Create collaboration folders to collaborate with others, and invite
                                  collaborators using detailed roles-based permissions (for Business and Enterprise
                                  accounts). For example, you can restrict partners to a Previewer role, so they can see
                                  but not download files, or an Uploader role, to securely drop files without seeing what
                                  else is there.

                                “We thought an online file server was the way to safely share information with investors
                                and throughout the company.”
                                Melissa Gannon, Head of Corporate Operations, MCR Development LLC



                                Global Settings
                                At a global level, administrators can set certain restrictions across all users in a Business
                                or Enterprise account, including:

                                  Who can create folders or upload files
                                  Whether users can share links to content
                                  Whether link recipients can download content
                                  Who can invite collaborators
                                  When links expire
                                  When collaboration expires.



                                Audit Trail
                                Box automatically logs all file and user activities on the application and maintains a
                                complete audit trail of all activity within the account. The audit log provides administrator
                                insight into what is being done in the system, facilitates discovery, and demonstrates
                                compliance with relevant industry regulations.

                                Audit logs are date/time stamped, and tracked by user name, email address, IP address,
                                and action taken. You can sort by these attributes or drill down to particular groups,
                                ranges of dates, files or users. You can also export the audit log as a CSV-formatted file.

                                    A comprehensive set of reports lets you report on data along these dimensions.
                                    Predefined security reports provide valuable insight into the potential misuse or abuse
                                    of data. You can also configure Box to alert you to failed login attempts, requests for
                                    forgotten passwords, or password changes.

                                    Box retains audit logs for one year.
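
An added example, not Box's code or export schema: a check over an exported audit CSV that flags a configurable number of failed logins per account inside a time window, the kind of review the audit trail and failed-login alerts above support. The column names, the `login_failed` action label and the sample rows are constructed assumptions; the page only names the attributes that are tracked.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export. Column names and action labels are assumptions.
SAMPLE_EXPORT = """\
timestamp,user_name,email,ip_address,action
2012-03-01 09:00:05,Ana Ruiz,ana@example.com,198.51.100.7,login_failed
2012-03-01 09:01:10,Ana Ruiz,ana@example.com,198.51.100.7,login_failed
2012-03-01 09:02:00,Bo Chen,bo@example.com,203.0.113.9,download
2012-03-01 09:03:30,Ana Ruiz,ANA@example.com,203.0.113.50,login_failed
2012-03-01 09:04:00,Ana Ruiz,ana@example.com,192.0.2.10,login
2012-03-01 10:30:00,Bo Chen,bo@example.com,203.0.113.9,login_failed
2012-03-01 10:45:00,Bo Chen,bo@example.com,203.0.113.9,login_failed
2012-03-01 11:00:00,Bo Chen,bo@example.com,203.0.113.9,login_failed
"""

TIME_FORMAT = "%Y-%m-%d %H:%M:%S"


def failed_login_alerts(csv_text, threshold=3, window_minutes=10):
    """Return one alert per burst of `threshold` failed logins within the window."""
    window = timedelta(minutes=window_minutes)

    # Keep only failed logins, normalising the email so case differences
    # in the export do not split one account into two.
    events = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["action"].strip() != "login_failed":
            continue
        when = datetime.strptime(row["timestamp"].strip(), TIME_FORMAT)
        events.append((when, row["email"].strip().lower(), row["ip_address"].strip()))

    # An export can be sorted by any attribute, so order by time before scanning.
    events.sort()

    recent = defaultdict(deque)  # email -> failures still inside the window
    alerts = []
    for when, email, ip in events:
        queue = recent[email]
        queue.append((when, ip))
        while when - queue[0][0] > window:
            queue.popleft()
        if len(queue) >= threshold:
            alerts.append({
                "email": email,
                "failures": len(queue),
                "first": queue[0][0].strftime(TIME_FORMAT),
                "last": when.strftime(TIME_FORMAT),
                "ips": sorted({addr for _, addr in queue}),
            })
            queue.clear()  # report each burst once
    return alerts


if __name__ == "__main__":
    for alert in failed_login_alerts(SAMPLE_EXPORT):
        print(alert)
```

More than one source IP address in a single alert is worth a closer look, since it can indicate distributed guessing against one account rather than a user mistyping a password.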



                                    In Storage
                                    Once uploaded, the file itself is stored within the Box storage cloud.


                                    Encryption
                                    For Enterprise accounts, data is encrypted in storage using 256-bit AES encryption. The
                                    encryption key itself is encrypted with a Key Encryption Key (KEK). The key encryption
                                    key is stored securely, separately from the data, and rotated frequently according to best
                                    practices for key management. All access to the keys is logged and audited.

                                    Because data is encrypted in storage, even if someone were to access the file in storage,
                                    they could not see the data in the clear.

                                    As mentioned in the data transit section, data is also encrypted in transit using SSL/
                                    HTTPS (Business and Enterprise accounts).


                                    Backup/Replication/Disaster Recovery
                                    Not only is Box storage resilient to device failure, but the company also sends encrypted
                                    data to secure offsite storage for redundant backup, which essentially replicates the file
                                    to a different location to protect it from site-wide disasters.

                                    Remember that the off-site storage retains the encrypted data, without the encryption
                                    keys necessary to decrypt the data.

                                    “In today’s enterprise, there’s definitely a need for both an internal and an external
                                    sharing solution. SharePoint helped us internally, but from an external communication
                                    and collaboration standpoint we needed Box to allow us to manage files with greater
                                    flexibility, particularly with users that might not be part of our enterprise.”
                                    Sean Andersen, Director of Interactive Services, Six Flags



                                    Data Retention
                                    You’ve shared your file and completed the project. What happens once you delete
                                    the file?

                                    The file, once deleted, goes to the Trash. You can configure exactly how long things stay
                                    in the trash, ranging from 70 days to forever. If you decide you still want that file, you can
                                    retrieve it from the trash during this time period.

                                    Once a file has been deleted from the trash, Box retains the ability to retrieve deleted
                                    data from the backup for a limited time period. Contact support@box.net if you need to
                                    reclaim files already deleted from the trash.




                              SAS-70 Type II Throughout the Stack
                              When most cloud companies talk about SAS-70 certification, they’re talking about the
                              data centers that they hire to host their services. Obviously, it is critical that these data
                              centers meet high standards for security and availability.

                              At Box, we maintain SAS-70 Type II certification and audits for our corporate operations
                              as well, beyond the hosted data centers. So, we’re SAS-70 throughout the stack –
                              something that few other cloud-based service companies can boast.

                              “Box has certainly saved us money, but more importantly it’s saved us time and energy.
                              I take one or two fewer aspirin each month.”
                              Bill Bocash, IT Manager, Stonewall Kitchen


                              Data Center Security and Availability
                              Box uses multiple data centers to host its application and data, providing essential
                              redundancy.

                              Box data centers are SAS-70 Type II compliant and use advanced measures for
                              redundancy, availability, physical security and continuity. Here are some of the highlights
                              of their security and availability measures.

                                Availability: Data centers have n+1 (or greater) redundancy for all critical components,
                                including cooling systems, power, connectivity, and other essential systems. (N+1
                                means that there is at least one spare for any single point of failure.)
                                Physical security: All equipment is secured within locked cages or vaults, secured with
                                separate keys or biometric scanning. Access to the facility is protected by 24-hour
                                onsite monitoring and guards, biometric authentication, CCTV with video archives,
                                access control lists, and access and surveillance audit logs.
                                Environmental controls and continuity: Data centers include full Uninterruptible Power
                                Supply systems, backup systems, and uptime guarantees. Data center facilities have
                                advanced fire suppression and flood control measures.

                              All facilities are regularly audited for SAS-70 Type II compliance.



                              Inside Box: Our Policies and Practices
                              Security begins right in our offices, with our facilities, procedures and policies. Every
                              employee is trained on our security policies and procedures.

                              We have a complete SAS-70 audit report, but just to give you the highlights, we maintain
                              and audit policies for:

                                Employee background checks
                                Corporate facility access
                                Acceptable use
                                Removable media
                                Corporate passwords and production passwords
                                Access privileges




                                   Incident response procedures
                                   Security training
                                   Patch management
                                   Standards for hardened systems
                                   System configuration
                                   Change management


                                 Box also works to maintain the security of its corporate networks and files, with:

                                   Network intrusion detection systems and host intrusion detection
                                   System, network, and application log reporting, analysis, archiving and retention
                                   Network device baseline standards
                                   Continuous internal monitoring
                                   Regular vulnerability scanning
                                   Remote network access through VPNs with multi-factor authentication

                                 In addition, Box regularly engages third-party network security testing to find potential
                                 vulnerabilities.

                                 An Incident Response Team handles any significant security or service events according
                                 to defined policies.


                                 Data Breach Practices
                                 In general, the Box Incident Response Team handles any security incidents.

                                   If, despite all other protections in place, your data is accessed without authorization,
                                   we will notify you.

                                   If personal information about you or your employees is breached from the Box files,
                                   Box will notify you in accordance with California Law (California Civil Code Section
                                   1798.29 and Section 1798.82).

                                 “What’s great about Box is that it keeps great records of everything going on, I can
                                 control who has access to what... I have complete transparency of every file on our
                                 system...I don’t have to worry about having a redundant server up, I don’t have to worry
                                 about backups, I don’t have to worry about someone going in and kicking the cable out
                                 on the machine. All of that is taken care of for me, and that’s a big load off my mind.”
                                 James Bambauer, Director of IT, Eveo


                                 Software Development Processes
                                 Ultimately, a commitment to security has to start with the software development process
                                 itself. At Box, security is part of the design from day one.

                                   QA is integrated into the development process. Changes in various stages of
                                   development are tested on a daily basis.
                                   Our automated test framework includes both positive and negative testing, with end-
                                   to-end testing from authentication onward.
                                   We use network security testing and third-party penetration testing to verify the
                                   resilience of the system.




                            Box Administrators and Your Data
                            Box Customer Support or Engineering may occasionally need access to some of your
                            data to provide support and address technical issues. Here, too, we have policies in
                            place to limit that access to the least access necessary to provide superior support (a
                            “least privilege” strategy).

                            Box carefully enforces role-based segregation of access. For example, access to
                            customer data is limited to specific support roles and levels, and includes limited views,
                            such as:

                              Ability to see the file tree, but not file names
                              Ability to edit and view user account information (contact info, account status), but
                              not files

                            Exceptions to role-based access policies may be granted on a case-by-case basis, and
                            all customer data access is always logged.

                            “It’s been amazing the amount of time and effort that Box has saved us versus the
                            status quo of how we were used to doing things.”
                            Josh Stein, Managing Director, Draper Fisher Jurvetson


                            Availability and Resiliency
                            We’ve built end-to-end n+1 or better redundancy into the Box service. This means we
                            have at least one extra of everything, ready to take over automatically in case of a failure.

                            While this paper will not outline the entire system architecture, here are some of the highlights.



                            Data Center Redundancy
                            Box is replicated across separate data centers, providing redundancy atop the n+1 (or
                            better) resiliency offered by each data center individually.

                            This redundant architecture gives us a concurrently maintainable infrastructure - we can
                            fix things without ever interrupting service.

                            Across the data centers, we use four distinct Internet providers, ensuring that our service
                            remains online even if an Internet connection fails.



                            Application Architecture Redundancy
                            Within each data center, Box maintains n+1 or better redundancy, with:

                              Redundant load balancers, routers and switches in failover configurations
                              Segmented clusters of application servers handling different functions
                              Master/slave database clusters, replicated in real-time across data centers
                              Multiple log databases replicated in real-time across data centers
                              Resilient storage technologies in multiple storage clouds
                              Backups (encrypted) in offsite storage files

                            In addition, all layers of the application stack are isolated in distinct network segments,
                            with strict Access Control Lists maintained through each, to isolate potential risk.

                            As previously mentioned, encrypted data is also stored in redundant, offsite backups to
                            provide a further layer of protection in the case of failure.


                             Summary
                             Today’s computing environment is complex, requiring many different layers of security.
                             At Box, we make the security of your data our number one priority. Box is committed to
                             offering you an absolutely safe way to manage, share and access your information. This
                             paper just touches the surface of many of the measures. If you need more detail on a
                             specific area, please contact Box and we’ll be happy to answer your questions.


                             “I don’t know what we would do if we didn’t have Box. It would just be a disaster.”
                             Jordan LaRusso, Marketing Coordinator, Crocs Footwear




 
Bridging the gap between digital and relationship marketing - DMA 2013 Though...
Bridging the gap between digital and relationship marketing - DMA 2013 Though...Bridging the gap between digital and relationship marketing - DMA 2013 Though...
Bridging the gap between digital and relationship marketing - DMA 2013 Though...Lars Crama
 
SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?
SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?
SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?Patrick Lowenthal
 
BURGLAR ALARM BASICS and insurance
BURGLAR ALARM BASICS and insuranceBURGLAR ALARM BASICS and insurance
BURGLAR ALARM BASICS and insuranceDuncan Waugh
 
IBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solutionIBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solutionhearme limited company
 
Avaya Aura 6.x suite licensing
Avaya Aura 6.x suite licensingAvaya Aura 6.x suite licensing
Avaya Aura 6.x suite licensingMotty Ben Atia
 
Capacity Planning with Free Tools
Capacity Planning with Free ToolsCapacity Planning with Free Tools
Capacity Planning with Free ToolsAdrian Cockcroft
 
Automated Visual Testing That Does Not Suck
Automated Visual Testing That Does Not SuckAutomated Visual Testing That Does Not Suck
Automated Visual Testing That Does Not Suckadamcarmi
 
10 Rules for Killer Business Cards 2010 Edition
10 Rules for Killer Business Cards 2010 Edition10 Rules for Killer Business Cards 2010 Edition
10 Rules for Killer Business Cards 2010 EditionSteven Fisher
 

Destaque (15)

Is life insurance tax deductible in super?
Is life insurance tax deductible in super?Is life insurance tax deductible in super?
Is life insurance tax deductible in super?
 
TruLink hearing control app user guide
TruLink hearing control app user guideTruLink hearing control app user guide
TruLink hearing control app user guide
 
Recommended homeowners insurance endorsements for charleston, sc
Recommended homeowners insurance endorsements for charleston, scRecommended homeowners insurance endorsements for charleston, sc
Recommended homeowners insurance endorsements for charleston, sc
 
Coverage Insights - Vacant Property Insurance
Coverage Insights - Vacant Property InsuranceCoverage Insights - Vacant Property Insurance
Coverage Insights - Vacant Property Insurance
 
Business Advisors, Consultants, and Coaches: Whats The Difference?
Business Advisors, Consultants, and Coaches:  Whats The Difference?Business Advisors, Consultants, and Coaches:  Whats The Difference?
Business Advisors, Consultants, and Coaches: Whats The Difference?
 
GENBAND G6 datasheet
GENBAND G6 datasheetGENBAND G6 datasheet
GENBAND G6 datasheet
 
Bridging the gap between digital and relationship marketing - DMA 2013 Though...
Bridging the gap between digital and relationship marketing - DMA 2013 Though...Bridging the gap between digital and relationship marketing - DMA 2013 Though...
Bridging the gap between digital and relationship marketing - DMA 2013 Though...
 
SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?
SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?
SOCIAL PRESENCE: WHAT IS IT? HOW DO WE MEASURE IT?
 
BURGLAR ALARM BASICS and insurance
BURGLAR ALARM BASICS and insuranceBURGLAR ALARM BASICS and insurance
BURGLAR ALARM BASICS and insurance
 
IBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solutionIBM AppScan Source - The SAST solution
IBM AppScan Source - The SAST solution
 
Avaya Aura 6.x suite licensing
Avaya Aura 6.x suite licensingAvaya Aura 6.x suite licensing
Avaya Aura 6.x suite licensing
 
Capacity Planning with Free Tools
Capacity Planning with Free ToolsCapacity Planning with Free Tools
Capacity Planning with Free Tools
 
Automated Visual Testing That Does Not Suck
Automated Visual Testing That Does Not SuckAutomated Visual Testing That Does Not Suck
Automated Visual Testing That Does Not Suck
 
10 Rules for Killer Business Cards 2010 Edition
10 Rules for Killer Business Cards 2010 Edition10 Rules for Killer Business Cards 2010 Edition
10 Rules for Killer Business Cards 2010 Edition
 
Intelligent sensor
Intelligent sensorIntelligent sensor
Intelligent sensor
 

Semelhante a Box Security Overview: Protecting Your Data at Every Step

The Enterprise File Fabric for Cloudian | GDPR ready File Sync and Share
The Enterprise File Fabric for Cloudian | GDPR ready File Sync and ShareThe Enterprise File Fabric for Cloudian | GDPR ready File Sync and Share
The Enterprise File Fabric for Cloudian | GDPR ready File Sync and ShareHybrid Cloud
 
SendSecure-Factsheet-EN
SendSecure-Factsheet-ENSendSecure-Factsheet-EN
SendSecure-Factsheet-ENGary Baker
 
Cryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfCryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfMassimo Bertaccini
 
Secure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content ManagementSecure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content ManagementBlackBerry
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudCloudTechnologies
 
The Enterprise File Fabric for Scality
The Enterprise File Fabric for ScalityThe Enterprise File Fabric for Scality
The Enterprise File Fabric for ScalityHybrid Cloud
 
SMBStream™ Office to Office File Acceleration | Solution Brief
SMBStream™ Office to Office File Acceleration | Solution BriefSMBStream™ Office to Office File Acceleration | Solution Brief
SMBStream™ Office to Office File Acceleration | Solution BriefHybrid Cloud
 
Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)
Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)
Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)Vaultize
 
Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...
Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...
Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...Hybrid Cloud
 
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)BlackBerry
 
Cloudciti Enterprise File Share Services
Cloudciti Enterprise File Share ServicesCloudciti Enterprise File Share Services
Cloudciti Enterprise File Share ServicesPT Datacomm Diangraha
 
CaelumOne Based Enterprise Content Management Solution
CaelumOne Based Enterprise Content Management SolutionCaelumOne Based Enterprise Content Management Solution
CaelumOne Based Enterprise Content Management SolutionTimMagill
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudAmazon Web Services
 
Cloud Security (CASB) for Slack
Cloud Security (CASB) for SlackCloud Security (CASB) for Slack
Cloud Security (CASB) for SlackSachin Yadav
 
Introducing OfficeBox (Oct.2013)
Introducing OfficeBox (Oct.2013)Introducing OfficeBox (Oct.2013)
Introducing OfficeBox (Oct.2013)Jiransoft
 
Microsoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterMicrosoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterDavid J Rosenthal
 
8 isecurity database
8 isecurity database8 isecurity database
8 isecurity databaseAnil Pandey
 

Semelhante a Box Security Overview: Protecting Your Data at Every Step (20)

The Enterprise File Fabric for Cloudian | GDPR ready File Sync and Share
The Enterprise File Fabric for Cloudian | GDPR ready File Sync and ShareThe Enterprise File Fabric for Cloudian | GDPR ready File Sync and Share
The Enterprise File Fabric for Cloudian | GDPR ready File Sync and Share
 
SendSecure-Factsheet-EN
SendSecure-Factsheet-ENSendSecure-Factsheet-EN
SendSecure-Factsheet-EN
 
Cryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdfCryptolab cse datasheet v1.1.pdf
Cryptolab cse datasheet v1.1.pdf
 
Enterprise product catalog 2012
Enterprise product catalog 2012Enterprise product catalog 2012
Enterprise product catalog 2012
 
Secure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content ManagementSecure Enterprise File Sharing and Mobile Content Management
Secure Enterprise File Sharing and Mobile Content Management
 
Secure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloudSecure auditing and deduplicating data in cloud
Secure auditing and deduplicating data in cloud
 
The Enterprise File Fabric for Scality
The Enterprise File Fabric for ScalityThe Enterprise File Fabric for Scality
The Enterprise File Fabric for Scality
 
SMBStream™ Office to Office File Acceleration | Solution Brief
SMBStream™ Office to Office File Acceleration | Solution BriefSMBStream™ Office to Office File Acceleration | Solution Brief
SMBStream™ Office to Office File Acceleration | Solution Brief
 
Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)
Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)
Vaultize Cloud Architecture - Enterprise File Sync and Share (EFSS)
 
Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...
Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...
Remote Working: On-cloud and On-premises Remote Collaboration and File Sharin...
 
AzureAAD
AzureAADAzureAAD
AzureAAD
 
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
BlackBerry Workspaces: Integration with Data Loss Prevention (DLP)
 
Cloudciti Enterprise File Share Services
Cloudciti Enterprise File Share ServicesCloudciti Enterprise File Share Services
Cloudciti Enterprise File Share Services
 
CaelumOne Based Enterprise Content Management Solution
CaelumOne Based Enterprise Content Management SolutionCaelumOne Based Enterprise Content Management Solution
CaelumOne Based Enterprise Content Management Solution
 
Maintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the CloudMaintaining Trust & Control of your Data in the Cloud
Maintaining Trust & Control of your Data in the Cloud
 
Cloud Security (CASB) for Slack
Cloud Security (CASB) for SlackCloud Security (CASB) for Slack
Cloud Security (CASB) for Slack
 
Introducing OfficeBox (Oct.2013)
Introducing OfficeBox (Oct.2013)Introducing OfficeBox (Oct.2013)
Introducing OfficeBox (Oct.2013)
 
Back to Front Vision for Mithi's Collaboration Environment
Back to Front Vision for Mithi's Collaboration Environment Back to Front Vision for Mithi's Collaboration Environment
Back to Front Vision for Mithi's Collaboration Environment
 
Microsoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite PosterMicrosoft Enterprise Mobility Suite Poster
Microsoft Enterprise Mobility Suite Poster
 
8 isecurity database
8 isecurity database8 isecurity database
8 isecurity database
 

Último

Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Último (20)

Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

Box Security Overview: Protecting Your Data at Every Step

  • 1. Box Security Overview

Information That Should Help You Sleep at Night

More than 60,000 businesses use Box for sharing and accessing their data, and we work continuously to earn their trust. Box invests heavily in the security and resiliency of our data center, software, and our entire business operation.

We recognize that security has to be integrated in every phase of product development and daily operations. This paper describes some of the many measures and practices that we implement on a daily basis to ensure the security of your business data.

It starts by taking an end-to-end look at the path of a file from your desktop to Box storage. We also look at the policies and practices implemented both in our headquarters and our data centers that help us achieve SAS 70 Type II compliance throughout the stack. Finally, we briefly describe the availability and resiliency measures that allow us to offer a 99.9% uptime guarantee.

End-to-End Security: Follow the Data

One of the best ways to understand the multiple levels of security in Box is to follow the path of a file from your desktop to the Box cloud and beyond, to collaboration and storage in the cloud. So, let’s take a look at what happens when you upload a file to Box.

Account Access and Authentication

Before any file upload occurs, you have to log in to your Box account. We do everything we can to help businesses implement and enforce the policies they need to protect access to their applications.

Strong and Configurable Password Policies

Businesses can configure the password policies for their users, including:

    - Password strength factors (minimum number of characters, required numbers of numbers, special characters or uppercase characters, restriction from using email addresses)
    - Password resets (a configurable time period)
    - Password re-use restriction
    - Notification after a configurable number of failed attempts
    - Prevention of persistent logins
    - Overall maximum session duration

“Box’s security controls and the ability to turn on and off folder access are key for us.”
Brian Davis, President, Net Generation

© Box, Inc. – 220 Portage Ave. Palo Alto, CA 94306 USA – www.box.net – sales@box.net – 877-729-4269
  • 2. Single Sign-on

Box offers Active Directory/LDAP integration for Enterprise accounts. This gives businesses centralized control over user accounts in Box. When a business removes an individual’s Active Directory account, for example, that person can no longer log in to his Box account.

Box supports the SAML (Security Assertion Markup Language) 2.0 protocol, which enables easy integration with multiple identity and cloud SSO providers. SAML is a federation protocol that lets organizations securely exchange authentication and authorization information in a trust relationship. Box also supports ADFS 2 (Active Directory Federation Services).

Box works with several providers of cloud SSO to offer secure single sign-on to the Box cloud. These providers include Ping Identity (PingFederate), Citrix (NetScaler Cloud Gateway), VMware (VMware Horizon App Manager), Okta, OneLogin and Symplified.

Box supports multi-factor authentication through these cloud SSO providers or other third-party MFA services. For more information on strong authentication options, contact support@box.net.

Mobile Access

Mobile users can access their Box accounts through mobile browsers or specific Box applications for various mobile devices (iPhones, iPads, Android phones and others).

Using Box, you can extend corporate SSO and security policies out to mobile devices; users can log in to Box from a mobile device using corporate single sign-on credentials. All data passed between the server and the mobile application is encrypted using SSL. If a mobile device is stolen or lost, the administrative console can cut off access in real time.

Upload/Transit

Once you have securely logged in, you can upload your file. While upload itself is simple from the user’s perspective, behind the scenes Box is working to optimize the performance and security of data in transit. For Business and Enterprise accounts, the data is encrypted with 256-bit SSL encryption on file transfer.

For Enterprise accounts, we use multiple Content Delivery Networks (CDNs) such as Akamai and EdgeCast to speed the process of file uploads from dispersed locations. The upload opens an encrypted SSL tunnel to the local point of presence for the CDN. The CDN likewise sends the data encrypted to the Box data center. This strategy takes advantage of the high bandwidth and TCP optimization offered by the CDNs to provide a better upload performance. The same general path is reversed on downloads.

“Box provides valuable administrative features, which let us easily set granular permission controls across all our content and all our users.”
Christopher High, Sales & Marketing Development, Alere
  • 3. Within the Application: File Permissions and Audit

Once the file has reached the Box service and is ready for sharing, collaboration or storage, it is subject to the authorization and audit security within the application itself.

Flexible Permissions

Once uploaded to the Box cloud, the file inherits the permissions of the folder or the account that contains it. You can set very detailed access/sharing permissions on the file.

    - Private/public: By default, files uploaded to Box are private to the file owner. You must explicitly decide to share files. Files that have been shared can be made private at any time.
    - Password protection: You can choose to add a password requirement to a file you are sharing, so that users need a password to access the file.
    - Notification: You can configure Box to notify you by email when someone views, downloads, comments on, edits or uploads files or folders. Notifications can occur on each event or in daily summary form, depending on your preference.
    - Links: One way to share files is to send people a link to the file in Box; the links are unique, randomly-generated IDs. You decide whether recipients can download or simply preview the file.
    - Time-based access controls: You can set expiration dates for file access.
    - Collaboration: Create collaboration folders to collaborate with others, and invite collaborators using detailed roles-based permissions (for Business and Enterprise accounts). For example, you can restrict partners to a Previewer role, so they can see but not download files, or an Uploader role, to securely drop files without seeing what else is there.

Global Settings

At a global level, administrators can set certain restrictions across all users in a Business or Enterprise account, including:

    - Who can create folders or upload files
    - Whether users can share links to content
    - Whether link recipients can download content
    - Who can invite collaborators
    - When links expire
    - When collaboration expires

Audit Trail

Box automatically logs all file and user activities on the application and maintains a complete audit trail of all activity within the account. The audit log provides administrator insight into what is being done in the system, facilitates discovery, and demonstrates compliance with relevant industry regulations.

Audit logs are date/time stamped, and tracked by user name, email address, IP address, and action taken. You can sort by these attributes or drill down to particular groups, ranges of dates, files or users. You can also export the audit log as a CSV-formatted file.

“We thought an online file server was the way to safely share information with investors and throughout the company.”
Melissa Gannon, Head of Corporate Operations, MCR Development LLC
  • 4. A comprehensive set of reports lets you report on data along these dimensions. Predefined security reports provide valuable insight into the potential misuse or abuse of data. You can also configure Box to alert you to failed login attempts, requests for forgotten passwords, or password changes. Box retains audit logs for one year. In Storage “ In today’s enterprise, there’s definitely a need for Once uploaded, the file itself is stored within the Box storage cloud. both an internal and an external sharing solution. Sharepoint helped us Encryption internally, but from an For Enterprise accounts, data is encrypted in storage using 256-bit AES encryption. The external communication encryption key itself is encrypted with a Key Encryption Key (KEK). The key encryption and collaboration key is stored securely, separately from the data, and rotated frequently according to best standpoint we needed Box practices for key management. All access to the keys is logged and audited. to allow us to manage files with greater flexibility, Because data is encrypted in storage, even if someone were to access the file in storage, particularly with users that they could not see the data in the clear. might not be part of As mentioned in the data transit section, data is also encrypted in transit using SSL/ our enterprise. ” HTTPS (Business and Enterprise accounts). Sean Andersen Director of Interactive Services, Six Flags Backup/Replication/Disaster Recovery Not only is Box storage resilient to device failure, but the company also sends encrypted data to secure offsite storage for redundant backup, which essentially replicates the file to a different location to protect it from site-wide disasters Box Sales Call 877-729-4269 Remember that the off-site storage retains the encrypted data, without the encryption www.box.net keys necessary to decrypt the data. Data Retention You’ve shared your file and completed the project. What happens once you delete the file? 
The file, once deleted, goes to the Trash. You can configure exactly how long things stay in the trash, ranging from 70 days to forever. If you decide you still want that file, you can retrieve it from the trash during this time period. Once a file has been deleted from the trash, Box retains the ability to retrieve deleted data from the backup for a limited time period. Contact support@box.net if you need to reclaim files already deleted from the trash.
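The key hierarchy described under Encryption, and the keyless offsite copy described under Backup/Replication/Disaster Recovery, sketched as an added example; this is not Box's code and does not come from the original paper. It assumes AES-256-GCM at both layers and an in-memory key store, and every function and class name is hypothetical.

```javascript
// Added illustration of the key hierarchy described above; not Box's implementation.
// Assumed: AES-256-GCM at both layers, in-memory KEKs, hypothetical names throughout.
const { randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

function seal(key, plaintext) {
  const iv = randomBytes(12); // fresh 96-bit nonce per encryption
  const c = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function unseal(key, { iv, ct, tag }) {
  const d = createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a wrong key
}
// KEK versions live in a store kept apart from file storage; each access is logged.
class KeyStore {
  constructor() { this.keks = new Map(); this.current = 0; this.accessLog = []; }
  rotate() { this.keks.set(++this.current, randomBytes(32)); return this; }
  get(id, reason) {
    this.accessLog.push({ id, reason });
    if (!this.keks.has(id)) throw new Error(`KEK ${id} not available`);
    return this.keks.get(id);
  }
}
// Encrypt under a fresh data key (DEK), then wrap the DEK with the current KEK.
function encryptFile(store, data) {
  const dek = randomBytes(32), kekId = store.current;
  return { body: seal(dek, data), wrappedDek: seal(store.get(kekId, 'wrap'), dek), kekId };
}
function decryptFile(store, rec) {
  return unseal(unseal(store.get(rec.kekId, 'unwrap'), rec.wrappedDek), rec.body);
}
// Rotation rewraps only the 32-byte DEK; the file ciphertext is untouched.
function rewrap(store, rec) {
  const dek = unseal(store.get(rec.kekId, 'rewrap-old'), rec.wrappedDek), kekId = store.current;
  return { ...rec, wrappedDek: seal(store.get(kekId, 'rewrap-new'), dek), kekId };
}
// Constructed sample: one file, one KEK rotation, and a backup site holding no keys.
function demo() {
  const store = new KeyStore().rotate();
  const rec = encryptFile(store, Buffer.from('constructed sample file'));
  const rotated = rewrap(store.rotate(), rec);
  let backupReadable = true;
  try { decryptFile(new KeyStore(), rotated); } catch { backupReadable = false; }
  return { plaintext: decryptFile(store, rotated).toString(), kekId: rotated.kekId,
    bodyUnchanged: rotated.body.ct.equals(rec.body.ct), backupReadable,
    keyAccesses: store.accessLog.map((e) => e.reason) };
}
```

The stored record carries only the wrapped data key and a KEK version number, so a copy of file storage alone cannot be decrypted, and rotating the KEK costs one small rewrap per file rather than a re-encryption of the data.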
SAS-70 Type II Throughout the Stack
When most cloud companies talk about SAS-70 certification, they’re talking about the data centers that they hire to host their services. Obviously, it is critical that these data centers meet high standards for security and availability.

At Box, we maintain SAS-70 Type II certification and audits for our corporate operations as well, beyond the hosted data centers. So, we’re SAS-70 throughout the stack – something that few other cloud-based service companies can boast.

“Box has certainly saved us money, but more importantly it’s saved us time and energy. I take one or two fewer aspirin each month.”
Bill Bocash, IT Manager, Stonewall Kitchen

Data Center Security and Availability
Box uses multiple data centers to host its application and data, providing essential redundancy.

Box data centers are SAS-70 Type II compliant and use advanced measures for redundancy, availability, physical security and continuity. Here are some of the highlights of their security and availability measures.

Availability: Data centers have n+1 (or greater) redundancy for all critical components, including cooling systems, power, connectivity, and other essential systems. (N+1 means that there is at least one spare for any single point of failure.)

Physical security: All equipment is secured within locked cages or vaults, secured with separate keys or biometric scanning. Access to the facility is protected by 24-hour onsite monitoring and guards, biometric authentication, CCTV with video archives, access control lists, and access and surveillance audit logs.

Environmental controls and continuity: Data centers include full Uninterruptible Power Supply systems, backup systems, and uptime guarantees. Data center facilities have advanced fire suppression and flood control measures. All facilities are regularly audited for SAS-70 Type II compliance.
Inside Box: Our Policies and Practices
Security begins right in our offices, with our facilities, procedures and policies. Every employee is trained on our security policies and procedures.

We have a complete SAS-70 audit report, but just to give you the highlights, we maintain and audit policies for:
- Employee background checks
- Corporate facility access
- Acceptable use
- Removable media
- Corporate passwords and production passwords
- Access privileges
- Incident response procedures
- Security training
- Patch management
- Standards for hardened systems
- System configuration
- Change management

Box also works to maintain the security of its corporate networks and files, with:
- Network intrusion detection systems and host intrusion detection
- System, network, and application log reporting, analysis, archiving and retention
- Network device baseline standards
- Continuous internal monitoring
- Regular vulnerability scanning
- Remote network access through VPNs with multi-factor authentication

In addition, Box regularly engages third-party network security testing to find potential vulnerabilities.

An Incident Response Team handles any significant security or service events according to defined policies.

“What’s great about Box is that it keeps great records of everything going on, I can control who has access to what... I have complete transparency of every file on our system... I don’t have to worry about having a redundant server up, I don’t have to worry about backups, I don’t have to worry about someone going in and kicking the cable out on the machine. All of that is taken care of for me, and that’s a big load off my mind.”
James Bambauer, Director of IT, Eveo

Data Breach Practices
In general, the Box Incident Response Team handles any security incidents.

If, despite all other protections in place, your data is accessed without authorization, we will notify you.

If personal information about you or your employees is breached from the Box files, Box will notify you in accordance with California Law (California Civil Code Section 1798.29 and Section 1798.82).

Software Development Processes
Ultimately, a commitment to security has to start with the software development process itself. At Box, security is part of the design from day one.

QA is integrated into the development process. Changes in various stages of development are tested on a daily basis.
Our automated test framework includes both positive and negative testing, with end-to-end testing from authentication onward.

We use network security testing and third-party penetration testing to verify the resilience of the system.
Box Administrators and Your Data
Box Customer Support or Engineering may occasionally need access to some of your data to provide support and address technical issues. Here, too, we have policies in place to limit that access to the least access necessary to provide superior support (a “least privilege” strategy).

Box carefully enforces role-based segregation of access. For example, access to customer data is limited to specific support roles and levels, and includes limited views, such as:
- Ability to see the file tree, but not file names
- Ability to edit and view user account information (contact info, account status), but not files

Exceptions to role-based access policies may be granted on a case-by-case basis, and all customer data access is always logged.

“It’s been amazing the amount of time and effort that Box has saved us versus the status quo of how we were used to doing things.”
Josh Stein, Managing Director, Draper Fisher Jurvetson

Availability and Resiliency
We’ve built end-to-end n+1 or better redundancy into the Box service. This means we have at least one extra of everything, ready to take over automatically in case of a failure.

While this paper will not outline the entire system architecture, here are some of the highlights.

Data Center Redundancy
Box is replicated across separate data centers, providing redundancy atop the n+1 (or better) resiliency offered by each data center individually. This redundant architecture gives us a concurrently maintainable infrastructure - we can fix things without ever interrupting service.

Across the data centers, we use four distinct Internet providers, ensuring that our service remains online even if an Internet connection fails.
Application Architecture Redundancy
Within each data center, Box maintains n+1 or better redundancy, with:
- Redundant load balancers, routers and switches in failover configurations
- Segmented clusters of application servers handling different functions
- Master/slave database clusters, replicated in real-time across data centers
- Multiple log databases replicated in real-time across data centers
- Resilient storage technologies in multiple storage clouds
- Backups (encrypted) in offsite storage files

In addition, all layers of the application stack are isolated in distinct network segments, with strict Access Control Lists maintained through each, to isolate potential risk.

As previously mentioned, encrypted data is also stored in redundant, offsite backups to provide a further layer of protection in the case of failure.
Summary
Today’s computing environment is complex, requiring many different layers of security. At Box, we make the security of your data our number one priority.

Box is committed to offering you an absolutely safe way to manage, share and access your information. This paper just touches the surface of many of the measures. If you need more detail on a specific area, please contact Box and we’ll be happy to answer your questions.

“I don’t know what we would do if we didn’t have Box. It would just be a disaster.”
Jordan LaRusso, Marketing Coordinator, Crocs Footwear