Box Drive and Ransomware

I was reading through the Ransomware information for Box Apps and I have a question.


Files synced through Box Sync are called out as being susceptible to attack but the Drive vulnerability is not mentioned to only files that are Marked For Offline (MFO).


"Ransomware can only affect files via the Box Sync or Box Drive applications on a user's computer. If Box Sync is enabled, only those files set to Sync will be affected. "


I wanted verification that only files that are MFO are susceptible to Ransomware and not all files visible through Box Drive. I'm pretty sure this was covered at BoxWorks last year but I cannot find my note for that.


Re: Box Drive and Ransomware

Hi @Rob_Parrish,


Thanks for the question and it's good to clarify this part for Box Drive. If you do have Ransomware affecting your computer, it is possible for all files in your Box Drive folder to be affected, not just the local MFO files. 


As you pointed out, we do, however, have the ability to revert files to the previous version not affected by Ransomware, pointed out here in this article.

"For our Business & Enterprise customers, we maintain previous versions of a user's files and can revert to those previous versions should a user be impacted. The Box Drive client and the software itself is not impacted by the ransomware event."

I hope that helps clarify, but our Box Product team is considering additional advanced features that may help with detecting, flagging, and automating decisions associated with certain undesirable data access patterns. These may also assist in limiting the impact of ransomware attacks.

Re: Box Drive and Ransomware



Do you support bulk operations, i.e. revert the whole folder, rather than each individual file?




Re: Box Drive and Ransomware

Hi @rczubala,


You can contact our support team for more information, but we do run revert operations on an entire user's folder system, not just for one file.