Skip to main content

Instructor, no.

Incydr Professional, Enterprise, Horizon, and Gov F2, yes.

Incydr Basic, Advanced, and Gov F1, yes.

HOME
GETTING STARTED
RELEASE NOTES
FAQs
APIs
SYSTEM STATUS
Code42 Support

Connect Code42 to Box

Overview

To help protect you from data loss, you can use Code42 to monitor files moving to and from your organization's Box cloud storage environment.

When you add Box as a data connection, you must authorize Code42 as a custom application. Once connected, we monitor your organization's Box environment to capture when a user:

  • Creates or uploads a file
  • Shares a link to a file
  • Shares a file directly with users inside or outside your organization
  • Deletes a file
  • Modifies a file's contents, name, or location

This article explains how to add Box as a data connection.

Considerations

The following considerations apply to Box. See also the considerations applicable to all cloud storage environments.

  • Code42 can connect to your Box environment only when supported by your Box product plan.
  • Box allows you to add or remove individuals as collaborators on a file. However, for files that reside at the root of the drive and are not in a folder, these collaboration changes are not recorded until a file event occurs (for example, at file creation, modification, renaming, moving, or sharing with a link).
  • Box limits API requests made by third-party integrations such as Code42. Throttling these API requests allows Box to better control their resources, but may slow down Code42 file metadata collection, especially after first configuring access to Box. Consider setting up Code42 access to Box when you have decreased activity in your environment.
  • Detection of folder sharing permissions changes in Box may be delayed.
  • If a user's status is set to inactive in Box, Code42 does not monitor file activity on the user's Box account.
Monitoring and alerting tools may report download activity
When ongoing file activity is detected, Code42 temporarily streams files from your cloud storage or email service to the Code42 cloud to calculate the file hash. (Code42 does not calculate hash value during the initial inventory process.) 

This appears in your vendor logs as users downloading files. The requesting service's IP address may point to Microsoft Azure hosts. Consider adding these IP addresses to your allowlist to reduce false alerts in your vendor logs, keeping in mind that these addresses can change. 

Code42 never stores file contents or writes them to disk during this process.
A single file event in Forensic Search may represent more than one action in cloud storage
There's not always a strict one-to-one relationship between the actions a user takes on a file in your corporate cloud storage environment and the file event representing those actions in Code42. After detecting activity, Code42 makes a best effort to interpret the user's actions on a file in cloud storage. Code42 may combine several of those actions into one file event to more efficiently and effectively display those details. For example, a user modifying a file repeatedly a few seconds apart in the cloud storage environment may appear as one "file modified" event in Forensic Search.

Throttling of API requests by the cloud storage vendor can also slow Code42's metadata collection and affect how file events are displayed in Forensic Search. Both this throttling and Code42's interpretation of actions can cause multiple actions in cloud storage to be displayed in fewer events in Forensic Search.

Before you begin

Before you authorize the Code42 connection to your Box environment, follow the directions in Configure Box for the Code42 data connection to properly set up Box to allow Code42 to collect data.

Authorize Code42's connection to Box

Step 1: Connect Code42 to Box

  1. Sign in to the Code42 console.
  2. Add a cloud storage data connection:
    1. Select Administration > Integrations > Data Connections.
    2. Click Add data connection.
      The Add data connection panel opens.
    3. From Data connection, select Box under Cloud storage.
    4. Enter a display name. This display name must be unique.
    5. Under Complete these steps in Box, copy the Client ID. You enter this ID later in your Box Admin Console.
      Add a Box data connection
  3. Authorize the Code42 app in Box:
    1. Go to your Box Admin Console and log in using your Box Admin username and password.
    2. Click Apps.
    3. Click the Custom Apps Manager tab.
    4. Click Add App.
      The App Authorization screen displays.
    5. Paste in the Client ID from the Code42 console.
    6. Click Next.
    7. Review the permissions granted. For more information, see Permissions required for the Box connector.
    8. Click Authorize.
      Code42 Cloud Services appears in the table of custom applications.
      Custom Apps Manager in the Box admin console
    9. (Optional) If Disable published third party apps by default is selected in Global App Settings in your Box Admin Console, hover your mouse over the Code42 Cloud Services app, click the ellipses button, and select Authorize App to allow Code42 access to your Box environment.
      You can choose to disable third-party published applications to secure your Box environment. If you do so, you need to explicitly select and authorize the Code42 cloud service's access.

Step 2: Add users

  1. Return to the Code42 console.
  2. In the Add data connection panel, select I've completed these steps under Complete these steps in Box and then click Continue.
    The Add users panel displays.
    Add Box users
  3. Select one of the following options:
    • All: Monitors all Box users in your environment.
    • Specific users: Monitors only the Box users you designate.
      1. Click Upload .CSV file.
      2. Select a .csv file containing a list of only those users you want to monitor
    • Specific groups: Monitors only the users in Box groups you designate. 
      1. Click Upload .CSV file
      2. Select a .csv file containing a list of those groups in Box whose users you want to monitor

Step 3: Verify the setup

  1. After selecting the users to monitor (and uploading a file, if needed), click Continue.
    The Verify panel displays.
    Verify the Box connection
  2. Locate your Box Enterprise ID:
    1. Return to the Box Admin Console and select Account & Billing.
    2. Copy the Enterprise ID.
      Enterprise ID
  3. Return to the Code42 console and enter your Box Enterprise ID and Box Admin username:
    1. Paste the Box Enterprise ID into Box Enterprise ID.
    2. Enter the email address you use to log into the Box Admin Console into Box Admin username.
  4. Click Authorize.
    Box is added as a data connection, and Code42 begins the initial inventory process.

Next steps

Once you have added Box as a data connection, learn more about:

Troubleshooting

Issues in your Box environment can cause errors with the Code42 connection. When such issues occur, the Box connection in the Data Connections table is highlighted in red and an error message is displayed at the top of the screen. When this occurs, click the Box connection in the Data Connections table. The detail panel opens and lists the specific error so that you can resolve it.

Refer to these articles to troubleshoot specific errors that can appear for the Box connection in the Data Connections list:

  • Was this article helpful?