Box Security Whitepaper

Box: Redefining Security for the Cloud

Securing Content: The Core Currency of Your Business

We know that your content is the core currency of your business. Product requirements, detailed financial analysis, customer communications and long-term plans must be managed, secured and controlled to maintain your competitive advantage and, more importantly, the trust of your customers and shareholders. Because of this, Box is working tirelessly to redefine the standards for content security in the cloud. Our ongoing investment in technology, infrastructure, compliance and control for our customers is unmatched - our customers routinely tell us they would have to hire dozens of security and IT experts to even approach the level of innovation and protection Box provides. Our customers trust us to encrypt, manage and securely share 50 million new files uploaded every week (over 90TB of data), in industries like healthcare, financial services and legal.

"Box's security controls and the ability to turn on and off folder access are key for us."
Brian Davis, President, Net Generation

Unlike other simple sync and share providers, Box understands that the security of our customers' data goes well beyond encryption and physical datacenter security. We know that effectively balancing IT's requirements with employees' productivity is no small task. As a result, we approach security with a unique perspective, and the work we are doing in the enterprise cloud ecosystem is changing the way the industry approaches security. In a collaborative environment, we need a new model for security, one that puts content at the center and surrounds it with the strongest possible solutions for User and identity management, Device and App security, and the visibility and Intelligence to oversee it all.

We're redefining the bar for cloud security, by:

Putting content at the center: with end-to-end encryption, robust permissioning, strict policy compliance, and unmatched physical and infrastructure security, Box operates the most secure platform for content, collaboration, mobility and the best architecture in the business

Securing users and identity, giving the businesses that choose Box simple, centralized tools to manage identity, collaborators, and individual account access

Box, Inc. 4440 El Camino Real. Los Altos, CA 94022 USA sales@box.com 877-729-4269

Managing every device, giving administrators granular controls over what devices have access to Box content, globally and on a per-user basis, through product-level features as well as a rich ecosystem of device management partnerships

"Box provides valuable administrative features, which let us easily set granular permission controls across all our content and all our users."
Christopher High, Sales & Marketing Development, Alere

Protecting app access, by understanding that virtual endpoints are a critical part of a productive mobility strategy. The Box OneCloud ecosystem of applications is closely managed and validated to ensure that every time a user touches content via the API, those connections and edits are safe and secure

Providing intelligence and visibility over all the content, users, devices, and activity in your account. With a rich set of out-of-the-box reporting and analytics tools in the Administrative Console, plus the Box reporting API, businesses get up-to-the-minute information about what's happening with their content.

Box is building tight integrations across cloud services, creating a single platform to manage security, content, mobility, and identity. At the same time, we make the whole platform simple, effective and flexible for you and your employees. It's critical to strike the right balance between risk mitigation and utility. If you don't, you risk locking down content to the point that you push employees to adopt unsanctioned tools and break those carefully crafted security policies you have in place.

Here's how Box addresses all five of these critical security capabilities on our platform:

Content Security: Unshakeable Foundation for Collaboration

Certainly, content security begins with the encryption and proper management of your content, from the point it begins the journey to Box, through transit, and ultimately at rest within the Box platform.
Every file for every user is encrypted in transit between the user (independent of platform - web, desktop or mobile) and Box data centers with high-grade SSL encryption. Once encrypted data reaches the Box network, files stored on our platform are 256-bit AES encrypted at all times and protected by a sophisticated key wrapping strategy. Our design protects your data and the keys from unauthorized disclosure, and our key management best practices include regular re-keying processes.

At the platform level, Box's corporate network and datacenters are continually tested in accordance with SSAE 16 Type II and ISO 27001 standards, and we carry regularly updated third-party SOC1 and SOC2 certifications of our compliance. Unlike other cloud providers who simply pass through their co-located datacenter certifications, Box maintains our own SSAE 16 Type II certification and audits for our corporate operations and platform. We're SSAE 16 Type II across the whole stack - something few other cloud platforms can boast. We're fully HIPAA and HITECH compliant, as well - we're the trusted platform for doctors, hospitals, and health plans for their protected PHI and PHR.

Our physical infrastructure is designed not only for disaster recovery, but true disaster avoidance, building in advanced measures for N+1 redundancy for all components, geographical diversity, physical security, and environmental controls. Access to systems is monitored around the clock by onsite monitoring and guards, and access to cages is restricted to only top-level clearance Box employees, managed by keys and biometric scanning. All facilities are regularly audited for SSAE 16 Type II compliance.

Box also offers deep integrations with DLP providers like Proofpoint, Code Green Networks and CipherCloud, making it effortless for businesses to identify restricted content and pull it from shared folders, ultimately helping protect against the loss of confidential and restricted information. Our goal is to give businesses the comfort, confidence and control over their content regardless of access method.

"We thought an online file server was the way to safely share information with investors and throughout the company."
Melissa Gannon, Head of Corporate Operations, MCR Development LLC

Finally, we're proud to be Corporate Members of the Cloud Security Alliance and the STAR Registry - the industry group committed to promoting the use of best practices for providing security assurance within Cloud Computing.

Secure Users and Identity: Know Who, When, Where and Why

The second critical capability of a secure cloud collaboration platform is simplifying the management of identity, including what information is being accessed, by whom, and what transactions they are completing. In almost every case, businesses adopting Box gain tighter control over their data and identity than they ever had before.

Box gives administrators total control over account access and administration. Businesses own the configuration of password policies for users, and Box offers full integration to Active Directory, LDAP, and ADFS 2 to give IT centralized management for identity and access. In addition, Box supports SAML 2.0 and other Single Sign-On (SSO) providers for easy integration with a variety of identity providers. To ensure businesses of all sizes can protect access to their content, Box also provides native multi-factor authentication verification to all users. For SSO, Box partners with identity management leaders like Ping, Okta, Citrix, OneLogin, Tivoli, Symplified and VMware.
This lets our customers manage identity and access to Box and other services centrally, cutting down the complexity of today's IT landscape.

For every file, directory, and user, Box provides very detailed permissions management capabilities to ensure that both internal and external collaborators must adhere to your corporate guidelines for data access and rights. Down to the file level, users can be granted seven different levels of access, from locked out to full control. Documents can have additional layers of password protection, can be restricted to collaborators only, to company domains, or by groups. Administrators and end users have the ability to tailor notifications around documents, or see detailed access stats on documents, to ensure all activity is tracked and noted.

Managing Devices: Desktop, Mobile and Beyond

Box was built with mobility and flexibility in mind - we provide the world's most platform agnostic access to content and collaboration, because we believe end users should have secure access to their critical files and workflow from any device, anywhere. To deliver on this vision, we've developed a set of native tools and features in the product to help manage devices, and we've fostered a rich ecosystem of MDM providers to help our customers better manage their mobile portfolio.

Within the product itself, we offer customers powerful endpoint management tools, including Trusted Device Management, specific Device Pinning, and secure sync clients
that work across every major platform. Additionally, we give administrators fine-grained control over what content they allow to reside on a device. Want to restrict every mobile user from carrying offline copies of content? No problem. For customers investing in Mobile Device Management (MDM) and other mobile solutions, we partner with MDM leaders like Samsung, Good, Airwatch, MobileIron and others to help track, manage and secure a fleet of mobile devices.

"In today's enterprise, there's definitely a need for both an internal and an external sharing solution. Sharepoint helped us internally, but from an external communication and collaboration standpoint we needed Box to allow us to manage files with greater flexibility, particularly with users that might not be part of our enterprise."
Sean Andersen, Director of Interactive Services, Six Flags

These capabilities together are critical for creating the most secure possible environment for mobile collaboration. By providing federated, monitored access to Box accounts through any mobile device, our security designs ensure that all communications between mobile devices and your content are secure and audited. Box simplifies the challenge of managing mobility by focusing security on the content and federated identity - leaving you free of the complexity of managing multiple device profiles and access points.

Protect Apps: Secure Productivity with OneCloud and Embed

At Box, we understand that visibility and transparency are the hallmarks of any robust security system. Your IT and Compliance teams need both active and passive methods of monitoring content, access, and activity. Through the Box Admin Console and the Box reporting API, administrators have complete access to what's happening in every corner of your business.

In addition, Box recognized early on that to truly meet the security and control needs of the enterprise we needed to build a platform that perfectly integrates into the broader enterprise toolset.
To accomplish this, we've developed an ecosystem of security integrations and partnerships that make Box a core part of your infrastructure - not an island of disconnected cloud storage. Box Embed and our partnerships with services like Salesforce CRM, NetSuite, Concur, Jive, and others give businesses the ability to extend the content security, permissions and controls of Box to these platforms, creating a single, secure source of information across any business application or service.

Intelligence and Visibility: Discovery, Foresight and Auditing

Finally, we understand that visibility and transparency are the hallmarks of any robust security system. Your IT and Compliance teams need both active and passive methods of monitoring content, access, and activity. Through the Box Admin Console and the Box reporting API, administrators have complete access to what's happening in every corner of your business.

For proactive discovery, Box provides rich administrative search functionality, giving admins fast access to every document, version, and directory under management. With these tools, admins can quickly perform powerful, targeted searches, gaining visibility into which content is shared and accessed inside and outside their businesses.

Another critical security capability we offer is the ability to continuously monitor the events and activity that occur as employees manage content, update information and
collaborate with internal and external partners. Through the Box reporting API, businesses gain the ability to extract log info directly from Box and use it to drive both traditional BI and SIEM activity. Every action on Box is logged for a full audit trail, allowing you to track events by date, time, user, email, IP address, and action. Administrators can access this activity trail via the Admin Console, or directly via the Box API.

Summary

Box approaches security with a unique perspective, matching our simple, effective content collaboration platform with an unmatched level of security, visibility and control for businesses. We make the security of our customers' data our number one priority, and we reflect that goal at every point in our solution. The work we are doing in the enterprise cloud ecosystem is changing the way the industry approaches security.

We'd love to speak more with you about your security requirements and share more about our platform and architecture. For specific questions, please contact sales@box.com or call us at 877-729-4269.