Skip to main content
McAfee MVISION Cloud

Box Collaboration Known Behaviors

When collaborating in Box, you might notice the following known behaviors. These behaviors are not considered bugs, meaning that MVISION Cloud does not plan changes to functionality to resolve them. Most cases are simply due to the way the Box API works with MVISION Cloud. 

  • Box single file collaboration detection works for Near Real-Time DLP but not On-Demand Scanning
    To avoid a significant performance impact, On-Demand Scans do not check each file for collaboration details. You can enable policies using Near Real-Time DLP in Box to enforce collaboration controls.
     
  • User unexpectedly shows as downloading or accessing a file 
    MVISION Cloud sometimes needs to "impersonate" the owner of a file to download the contents of that file. This means that some users who do not have an account in MVISION Cloud appear in MVISION Cloud, and other times a user appears as accessing a file when they do not touch the file themselves. In each case, the owner of the file is the user shown as accessing a collaboration file.
     
  • Externally owned folders are not managed
    If a folder is owned externally, files that should be quarantined are instead shared successfully. This is a limitation of the Box API. If MVISION Cloud cannot gain access to a folder because it's owned outside your organization, MVISION Cloud cannot manage collaboration in files stored in the folder.
     
  • Distribution Lists
    If you try to collaborate on a file with people on an email distribution list, MVISION Cloud DLP revokes the collaboration. This is because Box Groups are not supported by MVISION Cloud. You will need to send direct collaboration invites to each person, not a distribution list.
     
  • Unknown User in violation after sharing a file
    When a folder has been shared with a person, the user name displays as Unknown in Policy Violation details until the recipient accepts the invitation. After the user accepts the invitation, if any policy violations are triggered, the correct user name will be displayed in the Policy Violation details.  
     
  • Admin user name displays as accessing every file
    Some organizations use a closed folder taxonomy in Box, meaning that users cannot create folders in the root of their Box account. Though this preserves a company's folder structure, it gives ownership of all folders to a Super Admin. In MVISION Cloud, this causes the super admin user account to unexpectedly appear as constantly accessing files. 
  • API response actions "Modify Permission to" and "View Only" allows Box users to Download, Share, and Preview folders.
    MVISION Cloud DLP Policies provide the API response actions "Modify Permission to" and "View Only". These response actions allow users to only view or upload any file/folder. However for some BOX users, these permissions allow them to download and share folders, and this causes data leakage. As a workaround, the user with the required permission must define "Previewer Uploader" access at the folder level and share it with other users, so that the users can’t download any files under the folder but are allowed to view them.

NOTES: 

  • Box allows "Previewer Uploader" permission only for folders.
  • Box allows  "editor", "viewer" or "owner" permissions only for files.

 

  • Was this article helpful?