Skip to main content
Strengthen protection, show auditors and regulators that controls are in place, and manage how long content is kept and when it can be removed or held for legal matters.

Meet regulatory and encryption expectations

Operate with programs and technical options suited to regulated industries, validated deployments, and customer-managed keys when your policies require them.

Box Compliance overview

KeySafe KMS technical requirements

About KeySafe

GxP validation

GxP sandbox and controlled feature releases

Classify content, detect threats, and control access

Label sensitive material, spot risky behavior, and enforce access rules so the right people collaborate on the right files.

Box Shield overview

Getting started with Box Shield

Using Box Shield

Shield threat detection rules

Shield smart access policies

Shield classification labels and policies

Retain, hold, and dispose of content on policy

Define retention schedules, place legal holds for investigations, and run disposition with clear records for compliance teams.

Box Governance overview

About retention and retention policies

Creating a retention policy

About legal hold policies

Creating and editing a legal hold policy