Box Announces New Security Partnerships and Features to Protect Content in the Cloud


Updates its Trust Partner Program with New Cisco, Relativity, Theta Lake, and Splunk Integrations

REDWOOD CITY, Calif.--(BUSINESS WIRE)-- Box, Inc. (NYSE:BOX) today announced updates to its Trust Partner Program, which brings together a select group of industry-leading security and compliance platforms to advance security in the enterprise. These updates include new and deepened integrations with Cisco, Relativity, Theta Lake, and Splunk that extend Box’s native security and compliance capabilities to an ecosystem of solutions, helping customers connect and protect their content across multiple applications. Box also announced new security enhancements to its core platform that will help admins and security teams protect the flow of content inside and outside of the organization and across multiple devices.

“The security landscape is evolving faster than ever before, with hybrid work introducing new security risks, and businesses implementing multiple solutions to combat cyber threats,” said Diego Dugatkin, Chief Product Officer at Box. “To meet the changing needs of the enterprise, we are thrilled to deliver a set of integrations that enrich our partner ecosystem while also bolstering the Box Content Cloud’s core security posture. With these advancements, Box is setting a new standard for security in the cloud and is making it easier than ever for customers to use Box alongside best-in-class security solutions to protect and secure their data.”

Originally launched in 2014, Box has built an ecosystem of over 20 security, governance, and compliance partners through its Box Trust Partner Program and serves as the single layer that protects and connects content across multiple applications. To meet the evolving threat landscape, today Box is strengthening the Box Trust Partner Program with the following new and enhanced integrations:

Box and Cisco:

This week at the RSA Conference, Box and Cisco will demonstrate a post-login authentication scenario in which a user’s security posture changes after their initial login. If a user exhibits suspicious behavior based on pre-configured security policies, Cisco Secure Access by Duo sends Box a signal that triggers a user session termination. This integration leverages the Continuous Access Evaluation Protocol (CAEP), which is part of the OpenID Shared Signals and Events framework, making it easier to share signals across the security ecosystem.

“As more organizations move to hybrid modes of working, we want to make it easy to dynamically detect and respond to risk across our environments - instead of siloing signals in specific applications or vendors,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Expanding our partnership with Box is critical to this experience and delivering on our promise to integrate with applications our customers use the most.”

To learn more about Box and Cisco’s integrations, visit the Box App Center.

Box and Relativity:

Available today, RelativityOne now supports direct file collections from Box complementing legal hold capabilities in Box. For data governance needs, Box’s Relativity integration helps users centralize their most critical information to better streamline their information governance.

“Security is a top concern for our joint customers, many of which are Fortune 500 companies,” said Chris Brown, Chief Product Officer at Relativity. “We are thrilled to integrate with Box to bolster RelativityOne Collect’s ability to directly pull external data into the platform. This integration represents how Box and Relativity are working to help our users organize data so they can more easily discover vital insights in unstructured datasets and take action.”

To learn more about Box and the Relativity integration, visit the Box App Center.

Box and Theta Lake:

Theta Lake recently announced a technology partnership with Box that enables the capture, retention, and supervision of electronic communications. Available today, content and metadata in Box, like comments, tasks, and annotations on files can now be captured in Theta Lake’s 17a-4, WORM compliant archive or sent to an existing third-party email archive. This allows organizations in highly regulated industries, like financial services, to use Box as their secure content management system and can feed electronic communications into data governance solutions such as Theta Lake to satisfy business preservation regulations as well as audit and legal requirements of their overall compliance program.

“By continuing to provide a seamless integration with Box’s platforms for data and content management, we’re helping to give customers in highly regulated industries a solution for working securely and compliantly in the cloud,” said Anthony Cresci, SVP of Finance, Business Development, and Operations at Theta Lake. “Box has become integral to workplaces as teams continue to work from anywhere, and we’re thrilled to take our partnership to the next level in order to better serve our joint customers.”

To learn more about Box and the Theta Lake integration, visit the Box App Center.

Box and Splunk:

Available today, security analysts using Splunk can efficiently evaluate alerts from Box Shield, alongside data from other applications, and launch directly into Shield alerts for more details. In addition to security events, the Splunk Add-On for Box can collect data such as enterprise events, users and user groups, collaborations, and metadata about files and folders via the Box REST APIs. This allows full visibility into activities from a wide range of sources, such as Box, empowering you to respond to threats in real time with insights so you can act accordingly.

To learn more about Box and the Splunk integration, visit the Box App Center.

New Security Enhancements

These new integrations add features and functionality to enhance the robust security and privacy controls embedded within the Box Content Cloud. Building on this innovation, Box today announced the following security features and controls to help Box customers achieve Zero Trust security:

  • Group-based Device Trust policies that willenable admins to put into place security policies for a group of users versus an all-or-nothing scenario, beginning with Device Trust policies. Group-based Device Trust policies will give security teams more granular controls through customizable options.
  • A new API for user session management that will force user session termination and a re-login for users who may be potential threats because their security posture has changed. This will give IT, security, users, and Box admins more protection against suspicious user activity and is available today in private beta.
  • An additional multi-factor authentication (MFA) option through email that will assist end-users with logging in without having to rely on a mobile authenticator app or SMS text message. Email-based MFA will give users another option for securely logging in from anywhere.
  • Multi-factor authentication backup codes that will allow end-users to generate and download backup codes which they can use in lieu of an authenticator code or SMS. This will allow users who lose or don’t have access to their device to access their account without interruption.

These enhanced security functionalities will be available soon and come on the heels of the recent updates Box made to its advanced security solution, Box Shield. In April, Box announced deepened threat detection capabilities including the ability to scan additional file types, including Microsoft Office, add automatic watermarking to classified documents, and an access policy monitoring mode to passively monitor how access policies could potentially interfere with end-users before enforcing them.

For more information on today’s news, visit the Box blog. Additionally, the Box Trust Partner Program is by invitation only and will continue to add new partners annually. Those interested in applying for the program can submit requests here.

About Box

Box (NYSE:BOX) is the leading Content Cloud, a single platform that empowers organizations to manage the entire content lifecycle, work securely from anywhere, and integrate across best-of-breed apps. Founded in 2005, Box simplifies work for leading global organizations, including AstraZeneca, JLL, and Nationwide. Box is headquartered in Redwood City, CA, with offices across the United States, Europe, and Asia. Visit to learn more. And visit to learn more about how Box empowers nonprofits to fulfill their missions.

Dani Robin

Source: Box, Inc.