Box developing AI to hunt for data breaches

Box Shield will monitor all file activity, making it easier to spot leaks

Cloud content management firm Box is working on a machine learning-based security platform to give admins a detailed overview of a company's content and provide early warnings of potential data breaches.

Box Shield, which is currently in preview stage, is being built to sit on top of the company's existing portfolio of products, allowing security analysts to check to see what content is being accessed, who is accessing it, and whether sensitive data is being downloaded.

Advertisement - Article continues below

One of its main features is its artificial intellignce layer, which is being trained to categorise employees based on their activities, and flag to admins if any unusual behaviour was discovered.

Each employee's activity history is monitored, including where and how they access files

Revealing the platform at its annual Box Works conference in San Francisco this week, the company explained that the system is designed to prevent employees from accessing data they shouldn't and to identify those accounts that may have been compromised.

In an example shown on stage, the system is capable of building profiles of employees, for example, sales team members, and alert IT teams if such users attempt to access content belonging to another, unrelated team, such as engineering.

Similarly, the system is also capable of spotting breached accounts by analysing the location of a recent login and assessing whether it was possible for that employee to have travelled to that area since their last activity.

Access policies can be set on a file-per-file basis, whether being accessed internally or externally

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Box claims the system solves the problem of keeping track of both internal and external users accessing content within an organisation, particularly as there's no guarantee they are using secure or a managed device.

"Collaboration is happening at an accelerated pace," said Jon Fan, vice president of product management at Box. "We have more people working on our content, and it's not only just our employees, it's the employees of our partners, our vendors, or suppliers... but even more so now it's including things like our contractors.

"So we no longer have purely internal or purely external users in our organisation. This makes it really difficult to protect our data."

Box said it's also building in an enhanced firewall that offers a more robust version of two-factor authentication, that not only verifies a login but also checks to see whether the account is genuine.

Security policies can be adjusted on the fly, and assigned to specific documents

Advertisement - Article continues below

Another major feature is the ability to create focused security policies that can be applied universally at the content level. Based on the demo shown on stage, this essentially works in the same way as tagging emails, where you can assign a predefined policy to a file or folder on the fly.

These policies can be built within the Box Shield dashboard, allowing admins to define whether a policy lets users download content for offline use, or share content beyond their organisation. This also means that policies already applied to documents can be adjusted over time, such as adding or removing approved users.

A beta version of Box Shield is planned for later in the year, however, the company gave no indication as to when it plans to release the product generally, or how much it will cost.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement

Recommended

Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/server-storage/servers/355254/a-critical-flaw-in-350000-microsoft-exchange-remains-unpatched
servers

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020
Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020