Many companies store their corporate documentation and collaborate daily through Box. Users access and share files easily, but in many cases the documents shared with third parties contain confidential information, losing absolute control of the information and the use they can do with it. In this article we will explain how you can protect your files stored in Box for safe collaboration.
THE DANGER OF SHARING FILES STORED IN BOX
Users from different departments upload their documentation to Box to store it internally, or collaborate both with other internal users and with third parties. Box allows a simple collaboration with external partners allowing them access to folders where the information is stored, sending them links to download the documentation, etc.
In many cases, documentation stored or shared with third parties contains confidential information. From Box, a user can decide if they want their confidential documentation to be downloaded or printed. However, once the documentation is allowed to be downloaded, the user loses control over it and cannot revoke access to it. Allowing external users to only view the documents is not always an option and it is necessary to collaborate with them, modify them, etc.
HOW TO SHARE FILES SECURELY?
SealPath allows the automatic protection of documentation in Box applying IRM (Information Rights Management) or E-DRM (Enterprise Digital Rights Management) policies so that it can be protected and under control, even if it has been downloaded, being able to audit its use and revoke access if necessary. Here’s how in four easy steps.
MANUAL AND AUTOMATIC PROTECTION OF DOCUMENTATION IN BOX
SealPath allows Box users to manage their most critical information in a secure and flexible way. Simply dragging or uploading the documents to a folder in Box they are protected.
Users can control who accesses their documents, when, with what permissions, and remotely destroy documents even when they are in the hands of external users.
The user can protect the documentation manually before uploading it to Box, but also, with SealPath it is possible to automatically secure the documentation uploaded to Box without the need for user intervention. No need to trust the user to perform manual protection. Administrator initially applies a generic policy on that folder and the business user adds or removes permissions as needed.
Thus, when users download the documentation from a certain library it travels with SealPath protection and you can control who opens it and when or revoke the permission remotely. Additionally, to facilitate management to the IT department and gain in agility, a business user may manage a server’s file permissions at any time using the SealPath automated protection. They can forget having to make requests to TIC and the associated waiting time involved. The administrator initially applies a generic policy for said file with the business user adding and removing permissions where necessary.
On the other hand, thanks to the integration of SealPath with Box Drive, it is not necessary to have the documentation or information synchronized on an external server, taking up space unnecessarily. A SealPath policy is applied to a Box folder and from there, the control of access to the information will be governed by SealPath.
ACCESS WITH THE REGULAR TOOLS AND WITHOUT AGENTS
When users start using new tools or processes are implemented that increase the security level of the information that is managed, the benefits of protection can be perceived as friction. In new collaborative environments, users expect applications and processes with protected information to behave in the same way as with unprotected information.
SealPath has always prioritized the usability of its applications, allowing protected Office, PDF, or CAD documents to be accessed through the usual tools and without external viewers. For example, it is not necessary to install agents to open Office documents and in the case of PDFs the documentation can be opened with Adobe, Foxit, Nitro, Nuance, etc. without a specific viewer.
On the other hand, users of applications like Box are used to accessing documentation also in the Navigator. When we talk about viewing and editing the protected information in the browser, since it is encrypted, it required a local download since the browser was not able to display it.
However, with SealPath, files can not only protect themselves when they are stored in Box, but they can also be viewed, edited, controlled and shared without the need to install agents. And this applies not only to Office files but also to PDFs and other formats.
Let’s look at how users can now manage protected information without downloading anything:
- Mark uploads a document to Box directly from the browser or through Box Drive to a folder secured by SealPath. The administrator has configured it so that only certain users can access and are limited to what they can do (e.g. view, edit, but not print, etc.).
- When the document is stored in the folder, it is automatically protected by SealPath. Mark did not need to take any additional actions.
- Now he can share folders and files with Andrew, an internal user within the company who can view and edit the document, and with Ann, an external collaborator of a supplier partner, who can only view it.
- Andrew receives the link and decides to make changes. With SealPath, he is managing the file securely in his browser and if he tries to print it or ‘copy and paste’ content into another file he will not be able to do so. However, when he makes changes, they are saved correctly in the system.
- The link to the document reaches Ann, who can view it in her browser securely from her computer (whether it is Windows, Mac, Linux or Chromebook) but cannot print it, download it, extract content or modify it.
- If Andrew decides to download it, the protection travels with the file and the company maintains control of it with SealPath.
- Through SealPath, Mark can check who has accessed it, whether someone has tried to access without permissions, etc.
In short, Mark, Andrew and Ann are managing protected information in the same way that they would work with an unprotected document. However, the company can be sure that its sensitive information is secure and under control.
DYNAMICALLY CONTROL THE ACCESS PERMISSIONS TO THE DOCUMENTS
You decide what permission level users need to access the documents. You can grant some users read only permission, others read and edit but not cut and paste or print out content, depending on the sensitivity of the documents involved.
You can grant permission to AD or LDAP groups or include whole domains or subdomains (e.g. *@company.com). You can also provide access to all users while retaining the full access tracking option over a document by adding email@example.com.
Place dynamic watermarks so that if the user makes a screenshot it will be saved with the user’s email address. SealPath enables granular access control that can be configured by users and administrators to act on the document regardless of its location.
DELETE DOCUMENTS BY REMOTE CONTROL AS REQUIRED
Both users and administrators can revoke access to the documents or delete them from a remote workstation. The revocation may apply to an individual document or to a group of documents. Furthermore, the user will lose access to all the protected corporate documents without the need to modify the SealPath policies by simply deleting said user from the active directory.
Link expiry dates to documents so that the users with whom you have shared a document no longer have access rights to the same after a specific date. Edit the expiry date of market files in real time.
MONITORING AND TRACKING ACCESSES
Users can see in real time if other users for whom they have protected the documents have opened them, if anyone has removed the protection because they have sufficient rights or if anyone is attempting to access the protected documentation without permission.
SealPath provides centralized monitoring for the administrator with risk control reports on the documentation including the Top 10 blocked access attempts, which documents they attempted to access plus those accessed without permission, most active internal and external users, most and least used policies, etc. This will give you and instant overview of the situation of the company’s protected documentation.
SO SIMPLE TO SHARE WITH EXTERNAL PARTNERS
Collaboration with external users is extremely simple. External users will also have the option of self-invitation to access the protected documents. Approved users do not need to request the administrators to register them as third-party users. Neither do the administrators have to manage who has access to the platform.
The administrator may initially provide permission to the company’s users from the website administrator’s dashboard. He/she can also register external users automatically. Administrators can control whether or not to provide the option of self-invitation/self-registration to external users or if they prefer to manage it without sending automatic invitations.
POWERFUL ADMINISTRATOR CONTROLS
The administrator is provided with various controls to easily manage the company’s protected documentation and to audit use of the same at any time.
- The administrator can transfer ownership of the protected documents among users. This can be done for all the documents or by protection policy
- The administrator can create protection policies and assign them to users or groups of users, departments, etc. so that the users can then employ these policies to protect documents with the desired protection level without having to create them themselves.
- It has a super-user mode that enables the holder to de-protect any file, leaving a record in the audit log, powerful audit controls to know who has accesses a file and when, etc.
THE BENEFITS OF INTUITIVE AND SECURE COLLABORATION WITH SEALPATH AND BOX
Thanks to the integration of SealPath protection with Box, you can have:
- Automatic protection without user intervention: Once the administrator has decided to apply a protection policy on a Box folder, all the user needs to do is to save the documents that are needed there. They are protected immediately when they are uploaded to the system.
- Monitoring, control, revocation: Of course, the same as with other SealPath files, the company can specify who accesses, when and with which permissions. It is possible to see who is accessing and whether someone attempts to access without permissions. And if at some point it is decided to restrict access to a document, this can be done even if the documents have already been downloaded from Box and are on a third party’s network.
- 100% secure agent-less management of the most sensitive information: Users can trust SealPath to store, share and modify files securely without requiring any type of software download.
- Easy and Secure collaboration with third parties: Users can collaborate on Word, Excel, PowerPoint, PDFs, etc. in a secure web environment while maintaining the company’s confidentiality policies and the information security on the files on any type of device
Would you like to know more about protecting your documentation in Box effectively? Do not hesitate to contact us and we will solve your doubts as soon as possible.