Box.com Security (for file attachments)

Question

Our security team is getting the heebie jeebies about Khoros attachments (potentially containing PII) being stored on box.com.

How much of a concern is this? I'm aware Microsoft & other major tech companies use Khoros - how do they handle the security on this front?

mohammedf · Answer

keithkelly, Could you kindly offer additional details regarding your inquiry? If it's related to our company's storage practices, Khoros doesn't utilise Box as a primary enterprise tool. Instead, it is an optional sub-processor within Care and Community if you choose to turn on the "file preview" feature, and it is outlined in our list of sub-processors associated with our products.

keithkelly · Answer

Primary concernsOur secret / internal / proprietary information being stored in a box.com account that does not belong to us.Our security team is unable to simply unblock the subdomain khoros.app.box.com, as there are default box.com domains that are necessary to access - such as app.box.com.&nbsp; &nbsp;I just ran a network trace (via Chromes dev tools) &amp; found a few others like cdn10.boxcdn.net, api.box.com, dl.boxcloud.com, and more.Who owns/controls the files?

Forum Discussion

Box.com Security (for file attachments)

Related Content

How do I access a file shared through Box.com?

Re: Manage security settings for your account

Aurora: Configure File Attachment settings for the community

How can we retrieve the preview URL (or attachment-id) for PDF attachments?

About Aurora Security Assertion Markup Language (SAML) Single Sign-On (SSO)

Recent Discussions

API Call for Retrieving Pre-Moderation Messages

Google Tag Manager and Google Analytics Setup in Aurora platform

Error while fetching products data using graphql query

Using LiQL or SQL on Aurora instead of GraphQL?

Not receiving user email addresses from search endpoint