The most frequently asked question we receive sounds something like “Well all this stuff you’re saying sounds great, but how do I know my content is safe?” Security is a VERY sensitive subject to a lot of business owners, especially those in the medical, legal, and financial fields. Before answering that question in depth, we’ll briefly review common processes we see. Often our initial response is, ‘show me the security parameters currently in place, then we can chat about the security of our solution.’ Insert wry winky emoticon here.
We see a lot of rather unique systems in place, most frequently very large file cabinets filled with paper. When you see a file cabinet some key questions to ask yourself with regards to security, even with a locking cabinet, are listed below (the lack of efficiency of a paper system will be an entirely different post). Truthfully, these are questions to ask with an on premise digital storage solution (local server) as well because servers will crash, coffee will get spilled, USB drives will get lost, etc…
- How difficult would it be for someone to gain access if they wanted your data?
- Can someone access data that shouldn’t be able to, even by accident?
- Are you at risk of a disaster (natural or otherwise) where the content is destroyed or compromised?
- How do you access or utilize the content in an emergency when offsite?
We have had people in medical offices come to us knowing their security is lacking and say outright, “Please help us, our HIPAA compliance is the lock on that closet door handle.” We’ve had other medical based organizations tell us due to misfiling, patient records are lost or have disappeared and they are simply hoping to not get audited.
With a Snap-File system in place, not only is your efficiency drastically increased (to be covered later), but your system will be compliant with HIPAA, FINRA, SSAE-16 Type II, as well as ISO 27001. You receive all of this out of the box, with every deployment. This is possible because Box.com has built their infrastructure, physical and software, with their focus on businesses since 2005. There are no other cloud content providers than can boast this.
Your data will be hosted in at least 4 geographically disperse data centers, not including a back up disaster recovery center, nor your locally synced content. Also note, these are not Amazon web service data centers (AWS), Box owns and manages these centers (with 24/7 security patrols) so only box clients have access to them and only box employees maintain the system. Further, you retain ownership of all your content, Box tech support can not even access your data without your admin providing them access- compare that to something like google drive. Additionally, all your data is encrypted at 256 bit AES (Advanced Encryption Standard) both in transit and at rest. This means that not only is your data safe from disaster, but it’s virtually impenetrable to hacking. There are even inexpensive integrations to lay over top of your account such as multifactor login via Okta, or additional mobile encryption with companies like Mobile Iron and Good Technology MDM.
Lastly, once content has been loaded and organized in your super secure online content tool- Admins and folder owners are provided the ability to restrict who has access to folders and content, and what level of access users have. If your sales team shouldn’t be meddling in HR files, don’t give them access and they won’t see that they exist! Alternatively, for those who you are collaborating with, you can restrict them to 1 of 7 difference access levels ranging from preview only to co-owner of the folder. Admins also have the ability to run audits on your account to track access and deletion statistics of any group of documents or individuals.
There are some other little tweaks and processes to make your content even more secure, however this should suffice for the first post on security. The short answer to the security question is simply, ‘Yes, you’re content now is or will be more secure than has ever been possible. …and we don’t charge extra.’ Now you know why!