I am exploring a method to restrict certain file types (.exe and .msi for example) from being uploaded into our Box (Enterprise Plus) instance and I don’t see a native way to “block” uploads based on file type.
I am thinking the only way to “achieve” this would be to use the Box API to search for files (or perhaps Shield Alert Event list?) with the specific extensions periodically and delete them.
Using a normal search, I am concerned about lag time from search indexing, as well as the cadence of that search.
I suppose I could create a Classification policy to classify these files by type, then use Shield to apply Security controls on the classification until the file is deleted by the API process or a Governance Policy, or until someone reviews the alert deletes the file manually.
Box Relay seems out of the question as it doesn’t seem to propagate into subfolders, nor can I run a scheduled relay to delete based on Classification alone.
Are there any clean ways that you’ve accomplished this?