Your Privacy is Paramount
We take every precaution to make sure your confidential information stays that way.
- HIPAA Compliance provides the administrative, technical and physical safeguards to support your organisation’s compliance with HIPAA.
- Certified for EU and Swiss Safe Harbor frameworks for the collection and use of personal data from European member countries.
Comprehensive Reporting, Logging and Audit Trails
Track account activity, file access, settings changes and nearly everything else that occurs in your organisation.
- Full Transparency
See user activity with reports on over 50 different events across seven different categories.
- Reporting and Audit Trails
Create detailed reports or integrate events into SIEM applications like HP ArcSight, Splunk, and SumoLogic.
- Follow Users and Activity
Track usernames, email and IP addresses. See timestamps for every action through the Admin Console and the reporting API.
Control Access, Authentication
Easily configure permissions for your organisation to ensure that the right people have the right level of access to company information.
- Strong Authentication
Customise password strength requirements, resets, failed logins, session duration, two-factor authentication, and single sign-on integration.
- Granular Authorisation
With seven levels of permission for access, preview, editing and sharing, you can ensure individual users and groups can only see what they need to.
- Flexible Access Controls
Password-protect confidential presentations and financial documents. Set automatic expiry dates for sensitive files.
- Enterprise Mobility Management Partnerships
Box works with leading EMM providers to offer additional security, configuration and device management.
Data Protection: Encryption
and Security Policies
Protect the confidentiality and integrity of your files and data in transit and at rest.
- Layered Encryption in transfer with high-grade TLS and multi-layered encryption at rest with 256-bit AES. Encryption keys are securely stored in separate locations.
- Enterprise Key Management (EKM) provides the option of customer-managed encryption keys protected in a Hardware Security Module (HSM) with an unchangeable audit log of key usage.
- Data Integrity Version, deletion and expiry controls protect the integrity of your content.
- Content Security Policies Prevent data loss with alerts of unusual download activity, shared files with sensitive information and uploads with prohibited data.
Cloud Security and Availability
Our cloud service providers build redundancy into services. All cloud providers employ a variety of security mechanisms, including strict access policies plus secure vaults and cages.
- Secure Locations
Our data centres use biometric entry authentication, closed-circuit video monitoring and 24/7 armed guards.
- System Redundancy
N+1 or greater redundancy for all network components and system components.
- Threat Protection and Prevention
Uninterruptible power and backup systems as well as fire/flood detection and prevention are used at storage sites.
Request more information or a demo