Connect Code42 to Box
Overview
To help protect you from data loss, you can use Code42 to monitor files moving to and from your organization's Box cloud storage environment.
When you add Box as a data connection, you must authorize Code42 as a custom application. Once connected, we monitor your organization's Box environment to capture when a user:
This article explains how to add Box as a data connection.
Considerations
The following considerations apply to Box. See also the considerations applicable to all cloud storage environments.
- Code42 can connect to your Box environment only when supported by your Box product plan.
- Box allows you to add or remove individuals as collaborators on a file. However, for files that reside at the root of the drive and are not in a folder, these collaboration changes are not recorded until a file event occurs (for example, at file creation, modification, renaming, moving, or sharing with a link).
- Box limits API requests made by third-party integrations such as Code42. Throttling these API requests allows Box to better control their resources, but may slow down Code42 file metadata collection, especially after first configuring access to Box. Consider setting up Code42 access to Box when you have decreased activity in your environment.
- Detection of folder sharing permissions changes in Box may be delayed.
- If a user's status is set to inactive in Box, Code42 does not monitor file activity on the user's Box account.
Before you begin
Before you authorize the Code42 connection to your Box environment, follow the directions in Configure Box for the Code42 data connection to properly set up Box to allow Code42 to collect data.
Authorize Code42's connection to Box
Step 1: Connect Code42 to Box
- Sign in to the Code42 console.
- Add a cloud storage data connection:
- Select Administration > Integrations > Data Connections.
- Click Add data connection.
The Add data connection panel opens. - From Data connection, select Box under Cloud storage.
- Enter a display name. This display name must be unique.
- Under Complete these steps in Box, copy the Client ID. You enter this ID later in your Box Admin Console.
- Authorize the Code42 app in Box:
- Go to your Box Admin Console and log in using your Box Admin username and password.
- Click Apps.
- Click the Custom Apps Manager tab.
- Click Add App.
The App Authorization screen displays. - Paste in the Client ID from the Code42 console.
- Click Next.
- Review the permissions granted. For more information, see Permissions required for the Box connector.
- Click Authorize.
Code42 Cloud Services appears in the table of custom applications.
- (Optional) If Disable published third party apps by default is selected in Global App Settings in your Box Admin Console, hover your mouse over the Code42 Cloud Services app, click the ellipses button, and select Authorize App to allow Code42 access to your Box environment.
You can choose to disable third-party published applications to secure your Box environment. If you do so, you need to explicitly select and authorize the Code42 cloud service's access.
Step 2: Add users
- Return to the Code42 console.
- In the Add data connection panel, select I've completed these steps under Complete these steps in Box and then click Continue.
The Add users panel displays.
- Select one of the following options:
- All: Monitors all Box users in your environment.
- Specific users: Monitors only the Box users you designate.
- Click Upload .CSV file.
- Select a .csv file containing a list of only those users you want to monitor.
- Specific groups: Monitors only the users in Box groups you designate.
- Click Upload .CSV file.
- Select a .csv file containing a list of those groups in Box whose users you want to monitor.
Step 3: Verify the setup
- After selecting the users to monitor (and uploading a file, if needed), click Continue.
The Verify panel displays.
- Locate your Box Enterprise ID:
- Return to the Box Admin Console and select Account & Billing.
- Copy the Enterprise ID.
- Return to the Code42 console and enter your Box Enterprise ID and Box Admin username:
- Paste the Box Enterprise ID into Box Enterprise ID.
- Enter the email address you use to log into the Box Admin Console into Box Admin username.
- Click Authorize.
Box is added as a data connection, and Code42 begins the initial inventory process.
Next steps
Once you have added Box as a data connection, learn more about:
- Common use cases for investigating security incidents with Forensic Search
- How to use Forensic Search
- Adding trusted domains to easily identify when files are shared with users not on your list of approved domains.
- Viewing and managing a cloud storage file's sharing permissions
Troubleshooting
Issues in your Box environment can cause errors with the Code42 connection. When such issues occur, the Box connection in the Data Connections table is highlighted in red and an error message is displayed at the top of the screen. When this occurs, click the Box connection in the Data Connections table. The detail panel opens and lists the specific error so that you can resolve it.
Refer to these articles to troubleshoot specific errors that can appear for the Box connection in the Data Connections list:
External resources
Box documentation: