Box.com Security (for file attachments)

Question

Our security team is getting the heebie jeebies about Khoros attachments (potentially containing PII) being stored on box.com.

How much of a concern is this? I'm aware Microsoft & other major tech companies use Khoros - how do they handle the security on this front?

mohammedf · Answer

keithkelly, Could you kindly offer additional details regarding your inquiry? If it's related to our company's storage practices, Khoros doesn't utilise Box as a primary enterprise tool. Instead, it is an optional sub-processor within Care and Community if you choose to turn on the "file preview" feature, and it is outlined in our list of sub-processors associated with our products.

keithkelly · Answer

Primary concernsOur secret / internal / proprietary information being stored in a box.com account that does not belong to us.Our security team is unable to simply unblock the subdomain khoros.app.box.com, as there are default box.com domains that are necessary to access - such as app.box.com.&nbsp; &nbsp;I just ran a network trace (via Chromes dev tools) &amp; found a few others like cdn10.boxcdn.net, api.box.com, dl.boxcloud.com, and more.Who owns/controls the files?

Forum Discussion

Box.com Security (for file attachments)

Related Content

How do I access a file shared through Box.com?

Re: Manage security settings for your account

Aurora: Configure File Attachment settings for the community

How can we retrieve the preview URL (or attachment-id) for PDF attachments?

About Aurora Security Assertion Markup Language (SAML) Single Sign-On (SSO)

Recent Discussions

Boosting a User

Google Tag Manager and Google Analytics Setup in Aurora platform

In Aurora, add additional <script> and <meta> tags

Incremental data for attachments in messages and replies

Incremental data for users data