Welcome to the new Box Support website. Check out all the details here on what’s changed.

Box Status

Securing Box Apps content from Admin

Follow
New post
AnthonyMartial

Hello Developers,

In our organization we are creating different apps under a box account. Each app would be dedicated to one client, and given the sensitivity of data and content we have been asked to come up with a scenario where even the admin of the box account can't peek at that content inside the apps.

Is is possible to achieve?

 

Thanks in Advance.

 

0

Comments

1 comment

Date Votes
  • Jason

    Hi , thanks for writing in to the forum! That's a great question - and definitely a tough nut to crack!

     

    This question definitely comes up from time to time, from our smallest customers to our largest. With our typical customer, the administrator of the Box enterprise is a person and the email address for the admin is linked to that person. This leads to the issue you've described - from a security and control standpoint, I don't want that person to be able to see *everything*.

     

    At a higher level (and this gets at a potential solution for you), you could ask the same question of any content management solution, physical or otherwise. IT Administrators have to have access in order to properly run and maintain a system, but that doesn't mean that access isn't tightly controlled to compliance standards. On Box, there's no way to directly create that scenario - the admin must have access to everything in the enterprise. You can however, from a process standpoint, remove the human from the "admin account" and control that admin account like you would control any other high-level privileged account in your larger infrastructure. 

     

    Unfortunately, I can't give you a super in depth answer here on a public forum. There's obviously tons of considerations that maybe wouldn't be appropriate to post publicly, too 🙂 You may even be able to come up with one on your own. But, if you'd like for us to take that walk with you, what you can do is look into a Consulting package / professional services engagement with us and we'll be happy to help.

     

    I hope that gives you an idea of how to get started! Please continue to make posts here on the forum for any questions you have 🙂  have a great day!

     

    Thanks,

    Jason 

    0
    Comment actions Permalink

Please sign in to leave a comment.