Box Sharing Guidelines and Options


Table of contents

UMD Box is a cloud-based storage and collaboration system that provides a Web interface for uploading, downloading, sharing and discussing files. It is designed to work on Macs, PCs, smartphones and tablets. This guide will help you understand Box sharing settings, and store and collaborate securely with your files in Box. For information about Box Drive, see Getting Started with UMD Box Drive.

Guidelines

These guidelines are best practices for storing and sharing items in Box, but do not guarantee the security of your items, and do not imply compliance with any specific regulations or laws. Be sure to consult with the appropriate IT admins and the Division of IT Compliance team when handling sensitive data. 

Securely store an item in UMD Box  

The most secure way to store an item in UMD Box is to upload the file to a folder, set the file as locked, enable notifications for Preview and Download, and enable Watermarking. As long as you have not invited a collaborator or enabled link sharing for the folder or file, only you will be able to access the item. Notifications will ensure that you are notified if a setting is misconfigured or if someone accesses the item. Watermarking will superimpose the user's information onto the item while viewing it, discouraging misuse and screenshots.

Securely share a file or folder with UMD collaborators

If you wish to have a high level of security but need to share a file or folder, be sure to leave link sharing off and share the file or folder directly with members of the University of Maryland community (UMD), and give them the Previewer Uploader role. This would prevent them from sharing the file with others and downloading the file, while requiring them to have a UMD account to view the item. 

Securely share a file or folder with non-UMD Collaborators who have Box accounts

If you wish to have a high level of security but need to share a file or folder with someone outside of UMD, make sure to leave link sharing off and only share the file or folder directly with the email address of the trusted collaborator; give them the Previewer Uploader role. As long as they have a Box account registered with that email address, they will be able to access the item, but still be unable to share the file with others or download the file. 

Share a file or folder with someone who doesn't have a Box account

If for some reason, a collaborator cannot get a Box account with their own email address or institution, you will need to enable Link Sharing for People with the Link. This makes the item public, so you should exercise extreme caution with this method. Make sure to have notifications enabled for preview and download, and make sure to go into Link Settings and require a passphrase for the data. Make sure the passphrase you set meets the UMD passphrase requirements. You should also disable downloads, and enable watermarking. Finally, set an expiration date within 6 months  for the link.

Top

Settings

Share a folder with collaborators

Folder sharing allows you to set granular permissions for collaborators who have Box accounts. There are seven roles with various permissions. While Editor is the most commonly used role, Previewer Uploader is ideal when the collaborators do not need to edit any of the items. The Previewer Uploader role prevents the collaborator from sharing and downloading the item. If a collaborator needs to be able to edit files, use one of the roles that allows editing, but lock items from editing.  

Box file sharing screen. The Previewer Uploader role is selected.

Share a single file with collaborators

Sharing individual items will limit the roles you can choose from to Editor and Viewer. You cannot prevent collaborators with these roles from sharing or downloading the item. The most secure option is to share folders using roles with more granular permissions and place appropriate items into the folder, rather than sharing individual items. 

Shared link settings

Box allows you to share Files and Folders with people using a link. There are several ways to use link sharing and the Link Sharing options will change depending on certain conditions. 

When you first enable 'Shared Link', there are three types of link sharing: 

People with Link and People in your Company include an additional setting that allows you to choose between 'View and Download' or 'View Only' rights for people with the link.  

Once a Shared Link is Created, a Link Settings option appears in the modal. These settings change depending on the type of link sharing you are using. 

This table shows the differences between Link Settings depending on the Link Sharing type you have chosen. 

 

Set Link Expiration

Create Custom URL

Enable/Disable Download

Set a Passphrase for access

People with the Link

checked

 checked

 checked

 checked

People in your Company

 checked

 checked

 checked

 

Invited People Only

 checked

 checked

not checked not checked

Set expiration

This feature allows files to be deleted on a specific date, which is useful when a data management plan or agreement includes a data destruction requirement, or if you only need to share files temporarily. 

You can enable this feature by selecting the Actions icon (...), choosing the More Actions menu, and selecting Set Expiration. 

Click on More Actions in the Action Button drop-down menu to Set Expiration.

Add a Watermark

Watermarking places a semi-transparent overlay of the current viewer's user name and time of access across a document's contents to deter unauthorized sharing.

You can enable this for a file by selecting the Actions icon (...) and then selecting the More Options menu.

Click on More Actions in the Action Button drop-down menu to enable Watermarking

Lock and disable download

The Lock button in the Actions Menu allows you to lock a file from being edited by collaborators. You can also use this feature to prevent download of the file.  

File request feature

Box File Request is a secure way to allow anyone to upload files to a Box folder you own. Make sure to secure your Folder appropriately for the type of data you plan to collect, and be cautious of uploaded files if they are unexpected or uploaded by unknown people. Some files can compromise your system when they are opened. At a minimum, it is recommended that you collect the uploader's email address during the upload process. 

Account and file activity notifications

Box allows you to receive notifications for content you own or are a part of. If you handle data that is sensitive and needs to be access controlled, you should enable notifications for Downloads and Deletes. Previews will generate many notifications, but may also be useful if you handle very sensitive data. 

These notifications may indicate that access control procedures aren't being followed.

You should also enable notifications about Login Activity. This will send you an email if your account is accessed from an unrecognized device, which will help indicate if it has been compromised. 

Box Email Notification settings.

View file access stats

If you select a file in Box, you will see access stats on the right side of the screen. Clicking View Details will give you a deeper dive into these stats and allow you to export activity into a spreadsheet. This capability is useful when performing a self-audit of the usage of your data, and is a useful capability that can be written into data management plans. 

Box File Access stats, including views edits and comments.

Top