Box Announces Four New Security and Governance APIs

Box has introduced a set of new security and governance APIs that organizations can use to incorporate content governance and compliance capabilities into applications and workflows. This set of new Box APIs includes a Retention Policy API, Legal Hold Policy API, Watermarking API, and Folder Metadata API. Organizations can use these APIs to ensure that applications, systems, and workflows are able to meet regulatory compliance requirements when it comes to storage and distribution of business information.

The Box Retention Policy API can be used to prevent content from being permanently deleted for a set amount of time. It allows organizations to automate the process of content preservation and deletion. This API is available as part of the Box Governance package add-on.

The Box Legal Hold Policy API allows organizations to place a legal hold on content within an application in order to prevent specific information from being deleted or modified. The API can be used to ensure that content is managed properly and organizations are able to comply with legal reviews or an order initiating the e-discovery process. This API is available as part of the Box Governance package add-on.

The Box Watermarking API can be used to control the visibility of sensitive information within applications and help prevent the loss of data. The API applies a watermark containing the email address of the user and time of access on a file preview. The Box Watermarking API should be released in early Q4 of this year and will be available as part of the Enterprise and Elite level Box Plans.

The Box Folder Metadata API makes it possible for applications to define and store custom metadata for a corresponding Box file or folder.

ProgrammableWeb reached out to Ken Yagen, VP of Platform Product at Box, who provided additional details about the new Box security and governance APIs. "Retention Policies and Legal Holds are each distinct API endpoints and they work in conjunction with our Content Services to allow customers to programmatically configure governance controls to be enforced on content stored in Box," Yagen told ProgrammableWeb. "Watermarking and Folder Metadata are new resources exposed in the existing Box Files and Folders APIs."

Yagen also explained that "while we aren't sharing our specific product roadmap, we do ensure that as Box continues to release new features to its core product that we continue to expose that same functionality in our platform so that developers can build apps with the same enterprise-grade features that Box offers." He went on to explain that "Box Governance compliments an enterprise-wide e-discovery system, allowing people to find, hold, and retain content and related comments in Box. Box works closely with several partners in this space that integrate our governance capabilities with their full e-discovery solutions."

Jeetu Patel, SVP of Platform and Chief Strategy Officer at Box, gave a presentation at the 2016 BoxWorks conference in which he said that "there’s more and more demand for large enterprises, regulated organizations in starting to use these solutions and they’re just sick and tired of legacy systems that are just reducing their R&D spend and increasing the amount of profit that they eke out. What we wanted to do was make sure that we actually build out one of the world’s most modern content platforms and we’re the only modern content platform right now, for content and collaboration that’s out there, with a lot of capabilities around security, governance, compliance, that actually wrap around that core capability that you have."

For more information about the new Box security and governance APIs, visit the Box Developer Site.

Be sure to read the next Compliance article: Daily API RoundUp: Lemonade, Incentivit, Apidaze