Box is adding the ability for admins to apply security policies based on defined user groups, specifically for Device Trust. Group-based policy enforcement allows admins to apply more customizable security policies to specific subsets of users to drive both—relevance and effectiveness for zero-trust security.
You can create and deploy policies that are enforced at an enterprise-level, as well as at a group-level to optimize security requirements across certain groups of users. This lets you test settings on a subset of end-users so you can ensure that new security setting application is smooth, giving you more granular control.
Some example use case scenarios where the entire organization might not want to have total enforcement of group-based Device Trust policies include:
IT should not have any endpoint requirement to access their Box content
Sales can log into Box only if they are using desktop devices that have the most recent operating system (OS) version
Engineering should access with endpoints managed by the organization identified by device-specific issued certificates
A subset of an organization doesn’t require the latest OS version, but does need an antivirus installed as well as their desktop hard drives encrypted
To learn more about group-based policies for Device Trust here.