Box core security

Power secure collaboration with a zero-trust approach

non-disclosure and confidentiality agreement open in smartphone app

Leading organizations trust Box to secure their content


Security from the start

We designed the Content Cloud from the ground up to provide world-class, frictionless security, so you protect your most valuable content. That’s why fundamental controls, including identity and access management, device security, content security, and collaboration security, are built right into the core of our platform.

Strong identity and access management

Manage user access seamlessly with multi-factor authentication (MFA) tools that give your users options for receiving MFA codes, including TOTP, SMS, and email. Integrations with single sign-on (SSO) providers streamline verification across applications, including Box. Flexible tools for admins include granular password controls and configurable session timeouts.

Trusted devices, secured content

Box Device Trust lets admins create rules for devices and endpoints to control access to content — like limiting access by operating system version and requiring anti-virus protection. Plus, admins can soon segment security settings by group and risk level. Device pinning can limit devices per account, and Box for Enterprise Mobility Management enables secure access from anywhere.

Built-in content protection

Encrypting content is essential to a zero-trust security strategy. Our core security leverages TLS 1.2 encryption for strong encryption in-transit and 256-bit AES encryption for data at rest. For even more control, use Box KeySafe to manage your own encryption keys, and deter unauthorized sharing with vector-based watermarking that can be applied automatically to classified documents.

Freedom to collaborate securely

Your sensitive content stays secure as you get work done across teams inside and outside your organization. Box goes beyond traditional solutions with a seven-level permissions framework — and advanced controls on who can access shared links with expiration and password options. Even better, collaboration security can be applied at user, file, and folder levels. It’s the perfect balance of flexibility and regulation, built for precise information rights management.

Box complements to your security portfolio, integrating easily with best-of-breed security tools and identity providers you already have in place for a seamless authentication experience. Achieve comprehensive, zero-trust security across devices and quick deployment by integrating Box with your EMM and mobile device management (MDM) platform. Plus, integrate events with your event management (SIEM), and cloud access security broker (CASB) for a unified view.

Box Core Security features


• Strong authentication (SSO and MFA)

• Password controls

• Identity lifecycle management


• AES 256-bit encryption

• FIPS 140-2 certified

• Customer-managed keys


• Centralized audit logs

• Historical reporting

• CASB and SIEM integrations

Information rights management

• Seven user-friendly sharing roles

• External collaboration restrictions

• Shared link expiration and passwords

Data leakage prevention

• Rasterized and vector-based watermarking

• Classification-based watermarking

• Box Shield access policy integrations


• Box Device Trust Device pinning

• IP allow-list

• Device security integrations Box for EMM

Learn about secure collaboration with the Content Cloud

Protecting your content against cyber threats and data loss ebook
Detect threats and prevent data loss

In this interactive ebook, learn how to keep your content safe from cyber threats.

Read ebook
Screenshot of Box Admin
Secure your data with native controls

Manage your users, prevent data leaks, and fine-tune access to sensitive content.

Read blog
IDC logo
Data-centric security in a hybrid world

Learn about the benefits of a data-centric security model in this paper, authored by IDC.

Download whitepaper

Ready to get started?