Box Connector Overview
This connector enables you to use Data Access Security to access and analyze data stored in Box and do the following:
- Analyze the structure of your stored data.
- Classify the data being stored.
- Verify user permissions on the resources, and compare them against requirements.
- Integration with Identity Security Cloud Source – Connect to an Identity Security Cloud Source to gather accounts and entitlements.
Refer to the Data Access Security documentation for a full description.
Installation Flow Overview
- Setup the prerequisites.
- Add a new Box application to Data Access Security.
Box Connector Operation Principles
- Data Access Security Connector for Box uses the Box Content API for permissions collection.
- The Box Content API uses the OAuth 2.0 authorization protocol to authenticate and authorize API requests.
- Data Access Security for Box Connector is a custom Box App, which requires a short authorization process.
- After the initial authorization process, Data Access Security handles the OAuth token management automatically and refreshes the token if needed.
Permissions Collection Operation Principles
- Data Access Security Box Permissions Collection task uses a Box API to retrieve information from the Box application.
Note
Users will only display in the Box Resource Tree if they are an owner of a resource.
- By default, permissions are analyzed on the folder level.
In contrast to other application types, to improve performance, Box permissions are also fetched from the target application during the crawl task. You must rerun the crawl before rerunning a permission collection in order to pick up all permissions properly.
The permissions will only display after the permission collection task has run, since they must be analyzed. If the crawler was unable to fetch the permissions, the permission collection task will fetch them.