NET+ Box: Features

The Internet2 NET+ Box storage and collaboration service—developed especially for the Internet2 community—provides the benefits of Box's easy-to-use consumer services fine-tuned for the needs of higher education. Access using campus single sign-on, integration with campus provisioning and security requirements, and a friendly, higher education legal agreement, all bundled together as a click-through agreement for InCommon participants. Through the Internet2-Box partnership, campuses can rapidly deploy Box services to their entire community—students, faculty and staff.

Box Cloud Collaboration Features

  1. Online Workspaces
    Create shared workspaces and easily invite team members to upload files, start discussions and collaborate online.

  2. File Sharing
    Easily share large files both within your organization and with external partners replacing FTP software and email attachments. You can even see when your files are downloaded!

  3. Folder Layers
    Create and organize multiple layers of folders replacing your file server with an online organization-wide file system.

  4. Mobile Access
    View your files on any browser-enabled mobile device and use Box's apps on an Android Smartphone, iPhone, iPad, and Blackberry. Note: Single sign-on is supported on Box-created mobile applications (iPhone, iPad, Android). The mobile app redirects to the IdP associated to the account, and loads as a browser within the application. The only mobile exception is m.box.com, which currently does not support single sign-on.

  5. File Commenting, Group Discussions and Online Documents
    Leave comments attached to a specific document, start a group discussion, or create and share a simple document.

  6. Updates
    Like a newsfeed for your shared workspace, keep up with all activity via the Updates tab in Box and through email.

  7. Version History
    View previous versions of your files even after changes are made and new versions are uploaded. *Enterprise only

  8. User Management
    Manage users easily, control data access and review reports on content usage and activity using the Admin Console. *Enterprise only

  9. Security Controls
    Set various levels of view and edit permissions, set up a time to auto-delete a file or deactivate a link, and password protect sensitive folders or files *Enterprise only

  10. Easy To Use
    Minimize user training and support costs, eliminate software or hardware maintenance, and get started in just minutes.

  11. Box Sync
    Sync desktop files to Box. Access Box folders and shared files right from your desktop. *Number of accounts with full sync capped for initial phase

Internet2 NET+ Box Storage Bank

Subscribers are also automatically enrolled in the Internet2 NET+ Box Storage Bank program, which provides additional storage for urgent or unplanned needs on campus. If your campus has an unplanned need for additional storage during your subscription term, Internet2 NET+ Services will provide up to 25% of your regular capacity at no cost. At the end of the current subscription term, the subscriber will have the option of lowering consumption to the previous level, or purchasing additional storage.

Note about "marketable storage": When assigning quotas to individuals on campus, even with the same quota, usage can vary widely. So if you plan on 10GB quotas, one person may use 1GB while another may use 7GB. In that case, your marketable storage is 2x10GB or 20GB but your actual usage is only 1+7 or 8GB. Analysis suggests the right ratio for "marketable" to "actual used" storage is approximately 5 to 1.

Box Applications Included with the Service

Box platform applications that are included in the Internet2 NET+ Box service agreement are listed below. Note that each campus's Box Administrator can determine which of these applications are deployed.

  • Box for Android
  • Box for Android Tablet
  • Box for Blackberry
  • Box for Blackberry Playbook
  • Box for Chatter
  • Box for Courier
  • Box for iPad
  • Box for Office
  • Box for Outlook
  • Box for Touchpad
  • Box Web Documents
  • Salesforce
  • Netsuite
  • Google Apps
  • Google Docs
  • Box for iPhone

Security

All of the following security mechanisms were reviewed by CISO representatives from each of the early adopter campuses:

Box hosts its servers at multiple geographically separated, enterprise-grade data centers in the United States with a 99.9% network uptime guarantee, ongoing audits and 24x7x365 monitoring and video surveillance. Data is stored on a secure internal storage cluster behind an enterprise-grade firewall, with redundant connections to multiple Internet backbones. The software passes every request through a carefully audited verification code, which ensures that the user is authorized for the action requested. Box stores local snapshots of data and backs up all data daily to an additional facility in a third location.

All user data is stored in encrypted form. Keys are held by Box under strictest security.

256-bit Secured Socket Layer (SSL) encryption is used on the data between the end user and Box. Indexing of public files by search engines or robots is disallowed, and all filenames are encoded once they arrive on Box's servers.

When you upload a file to Box, it is private by default and encrypted when stored. Your files are only accessible to others if you share them or make them public. You can make any shared file private again, or modify it so a password is required to access it. If you share a file using a link, that link will contain a unique ID made up of a randomly generated combination of letters and integers so humans cannot guess the location of those files. While Box holds the keys to encrypted data, this is held under strictest physical and personnel security and is only used when permission is granted by the member institution.

Box uses proven password and privilege techniques to validate access to all application data. University administrators have full console access to set user privileges, limiting what individual account holders can see and do on Box. The application determines access and presents only data the user has permission to see. For further security, an administrator can set role-based permissions so that some viewers may only view data, not edit it. With the Enterprise edition, Box also displays a list of all the primary actions of each of its users (download, upload, delete, log-in, etc.), giving administrators oversight on usage in their accounts.

FERPA, HIPAA and Grant Requirements

FERPA requirements are supported as of service general availability.

Box does not have a HIPAA Business Associate Agreement in place because all data is fully encrypted and Box will not access the data unless permission is explicitly granted by the institution. In addition, you as the customer have to implement Box (leveraging the tool sets provided) in a manner that is HIPAA compliant. Box cannot guarantee that each customer will leverage the appropriate tool sets to configure and implement Box to ensure HIPAA compliance.

We believe that Box is compliant with most grants, although specifics should be checked by the institution.

To learn more about Box's technology and their efforts to empower customers to be HIPAA compliant, go to https://www.box.net/shared/0uanfcz9nz7ayygj902n.

spectrum