Data loss prevention
Prevent data losses and breaches with enhanced security from Box
What is data loss prevention?
Data loss prevention is a strategy for avoiding the deletion, corruption, or exposure of confidential or proprietary data stored on company devices, networks, and servers. A data loss prevention platform uses tools like encryption, access permissions, and activity monitoring—among others—to significantly reduce data security risks associated with malicious activity, employee neglect, and content proliferation.
Restore data security and control
Mitigate security challenges. Protect confidential data with centralized security controls and detailed access reports without minimizing productivity and mobility.
Set granular permissions. Access permissions can be as simple or complex as needed, enabling productivity while preventing unwanted exposure.
Block untrusted devices and networks. Prevent unintentional data loss by blocking access to content and data from unsecure devices or untrusted networks.
Avoid common security vulnerabilities
Revoke access instantly. If an unsecure device is lost or stolen, security administrators can revoke access permissions immediately to minimize data exposure.
Abandon email attachments. Email creates data sprawl and increases opportunities for exposure and breach. Send files directly from Box, and abandon email attachments altogether.
Centralize content. All data and documents can be stored on a single, central platform, minimizing content proliferation.
Enjoy automated data security
Quarantine sensitive data. Enhanced data identification capabilities automatically detect and quarantine files containing sensitive data like social security numbers and credit card information.
Extend security policies. Enforce data compliance on files shared externally with mandated acceptance of terms, detailed audit trails, access revocation abilities, and password protection.
Identify insider threats. Establish automatic notifications for potentially malicious behavior like downloading suspicious files and applications or collaborating with a suspicious domain.
Avoid costly fines and reputation damage
Protect business revenue. Data breaches can cost companies millions of dollars. Data centralization in the cloud provides enhanced protection from the most common culprits for data loss.
Recover important files. Avoid critical data loss that results from ransomware attacks. Box creates a new file version with each save, allowing affected files to be deleted without original data corruption.
Prove compliance. Run detailed audit reports on file and data access, and produce requested documentation instantly with a centralized and searchable file repository.
Defend against unintentional exposure
Thwart phishing attempts. Reduce the success rate of phishing attempts and other Advanced Persistent Threat attacks with multiple layers of security, defense, and encryption.
Defend user credentials. Box offers native two-factor authentication capabilities and partners with major single sign-on providers to reduce the risk of loss from user credential exposure.
Encrypt sensitive data. Box supports 256bit AES at rest and SSL 3.0 and TLS 1.0-1.2 for the web application and API in transit. We use 2048-bit public keys in our certificates and only high-strength symmetric ciphers.
Data loss prevention for every industry
Protect PHI. Safely transfer medical records and DIACOM files between providers and insurance administrators. Box is a trusted platform for PHI, PHRs, and medical research.
Guarantee FINRA compliance. Box enables full compliance with SEC 17a-3 and 17a-4, keeping customer financial information secure on our fully FINRA-compliant platform.
Adhere to global security standards. Box adheres to strict and varied data governance regulations internationally, meeting regulations in the US, EU, Asia, Australia, and Canada.
Centralize content for enhanced data loss prevention
Data security and workplace productivity shouldn’t be exclusive concepts. With Box, they don’t have to be. Secure confidential, protected, and proprietary data with enhanced access controls, audit logs, and risk notifications.