One of the most widely used and popular cloud data management programs is the Box. Cloud storage can be rendered with the file hosting services for personal accounts as well as businesses in Box Security.
Training to Respond to a Data Breach
- All user access should be managed: It is better that users, who need to access the Box account, are added by the admin. The users can be added either manually by the admin or they can be given rights to add themselves to the Box account. The admins will have more control over the managed users in these following narrated respects:
- They can create a managed users group and delegate or delete certain permissions
- They get instantly notified when there is forced logins through web browsers
- They can set the maximum data storage limit for user access
- They can access any managed user’s account
- Any program list can be accessed
- At the time of content retaining, they can exit the user access
- They get password reset notification
- Manage partner collaboration on sensitive data: International security standards for data regulation and protection like FISMA and HIPAA are applicable to the enterprises and their associates also. Follow these steps to append the managed users:
- Login to your Box account
- Click on the Admin console
- Under the managed user section, click on +user option
- A window opens. Fill in the details like username, email id and the storage limit. You can control permission of data access in the same window.
- Click on Add User when the account gets configured in customized settings.
- Configure the roles of managed users: This is done to control access to the managed users.
- Administrators- When a large number of Box user accounts are to be managed, then privileged account of the end user has to be properly allocated. The admin has to actively inspect privileged activities so as to prevent unauthorized access of intellectual properties of the enterprise.
- Co-administrator- The co-administrator has no right to modify the permissions of the administrator. The other differences between admin and co-admin rights are:
- The billing information and the admin account login cannot be viewed by the co-admin.
- The account settings cannot be changed or the silent mode tool cannot be accessed by the co-admin. In silent mode, the notifications for a specific time period can be stopped.
- For the safety of the data on cloud, it is advised that the admin customize the co-admin permissions; thus achieving high level of Box Security.
- Group Admin- The group admin is to manage a sub-team. The group admin can manage permissions of users in the group and run reports.
- No unnecessary access to co-admin: Until and unless there is a dire necessity, the admin has to not give all permissions to the co-administrator, especially the login right of other accounts. This may give rise to compromise in login credentials and might pose risks for data exfiltration.
- Account inactivated on employee termination: All the contents get permanently erased if the admin deletes a user from the Box account. So, when an employee resigns, it is better than the admin transfer all the files of the resigned employee to another existing employee account so that the files are preserved on account deletion. Apart from this, the account can be deactivated which is a better option and has fewer complications than permanent account deletion.
- No permissions for username modification: In Box account, if users are given permission to modify their names, then they will be able to alter their personal email id also. The user can thus change the account password and access it which poses data security risks.
- Failed Login Attempt” feature activation: Activate this feature, wherein, any mistyping or entering old passwords for more than 5 attempts triggers the “failed login attempt” mode.
- Persistent login deactivated: Do not adopt persistent login for the purpose of Box Security.
In addition to following all the practices for Box account security, it is highly recommended that enterprises adopt some highly useful CASB solution so that any security gaps are filled up by it and the data remains completely safe and secure.