Box User Guidelines - Rice Data

This document provides guidance and best practices on how to use Box to safely store protected Rice data.

Box Log

Introduction

Box provides a safe platform for protected classifications of data when used properly.

For example: Box encrypts all data it stores, allow for granular access controls, and facilitates access monitoring. 
Folders must be properly configured to take full advantage of these security enhancements.

Using Box as a collaborative space for protected information (including information classified as confidential or sensitive by Rice Policy 808, or information otherwise regulated through federal, state, or local laws; or other information regulated by third party agreement) should make a few changes to important settings in their account.  In addition, Users should create a top-level, separate space for protected information in their Box environment.

An understanding of Box User roles is helpful when applying the principle of least privilege to protected information.

Login to Box

Step 1:  Launch web browser. Point your browser to:  http://rice.app.box.com 
Select: Continue

Step 2: Login to Box with  Rice NetID and Password, select Login

Step 3: Go to the User Profile drop-down, select Account Settings.

account_setting


Account Settings


account_settings_bar


User level Account Settings

Users should leverage tools provided by Box to check for suspicious activity including the following:


User level Account Settings:  Sharing, Email Notifications, General Emails and Notifications

Shared Links

Some settings should also be set for those working with protected data.  Specifically, these settings should be set:

sharing




Collaborating on Content

These settings will  only apply to content that you own. 
By default, Incoming Invitations is selected to "Automatically accept incoming collaboration invitations"



Email Notifications 
  • Set your account to receive notifications when someone downloads, uploads, comments,  previews, or deletes files in folders owned or joined
Email Notifications


General Emails and Notifications 
General Notifications



Uploading Content - this feature is turned on by default

Box Accelerator is a global data transfer network that improves the speed of your uploads.  If you experience issues with uploads, try turning this off. 




User level Account Settings: Security

  • Security:  this section allows the User to view Login Activity
    • Logins to your account are tracked so you can monitor details on each access and manage these applications
Login




  • If collaborator links are used, users should join with the Previewer role
  • When possible, enable the watermarking feature for supported PII documents



To the top

When possible, set an automated unshare date for any shared links (beyond the expected collaboration window)
  • For example, if a collaborative project is only expected to last for (6) six months, set an automatic unshare date for just after that
  • Set an expiration date for shared links

delete or unshare


add or edit tags







See Also: