Box

Frequently Asked Questions

Got questions?  We’ve got answers below.

Accessing Box

What can I do with Box?

You can take advantage of Box’s easy collaboration features to work with your team on shared content like project documentation or other essential items. Box allows for:

• Easy file version management (always know when shared files have been modified and by whom)
• User controlled access levels -you decide who should have access to your content and at what level (sharing, upload, download, edit rights, etc.)
• Quick insights into who has viewed or downloaded your files
• Large, secure file sharing (up to 150GB)

What do I need to access Box?

All you need is your browser! This is for all users, whether you are on the MITRE network or not. Navigate to https://mitre.box.com and log in with your credentials.  You will see folders that have been shared with you. Select a folder and click the New button to add files –or, click Share to invite others into your folders. You can even drag-and-drop files right into the browser window for an easy upload.

I am partnering with MITRE, how do I get a Box account?

Box is automatically provisioned for MITRE employees. You must be invited to Box by a MITRE employee through email. As a guest, you are required to set up a free Box account, if they do not have one already. Additional instructions are provided in the invitation.

If you have difficulty creating a free Box account, visit the tip sheet on how to set up your free Box account.

Multifactor Authentication (MFA) Requirement

What are the requirements to access Box content hosted by MITRE?

To satisfy compliance requirements and prepare Box for storing higher-sensitivity information, two-factor authentication (2FA) is imposed on external accounts. MFA is a common security measure that provides an extra layer of protection to ensure the security of online accounts beyond just a username and password.

External users will be prompted to set up multifactor authentication when they receive an invitation to shared content from a MITRE employee.

We’ve prepared a guide that you can share externally: 2FA guide

Also, here are Box resources:
Enrolling in 2FA for External Collaboration
Multi-factor Authentication Set Up for Your Account

What are the allowed 2FA methods?

One Time Password (OTP) is the only method allowed. Note that SMS (texting) is not supported. There are many Authenticators that support 2FA including Google Authenticator (mobile), Okta Verify, Chrome Authenticator (web browser extension) and Authy.

Are *all* external users affected by the 2FA requirement?
This requirement only affects customers who do not have an enterprise Box subscription.

What if I cannot set up 2FA, what can I do?
Please try to exhaust available options – since browser access is possible, theoretically anyone who can access Box can go through the 2FA challenge. In case of outliers, there is an InfoSec-monitored exception process; contact mpnsupport@mitre.org for more details.

Box Features 

How much content can I upload? Are there any file restrictions?

Every user can upload an unlimited number of files, as long as each file is under the 150GB limit. There are no limitations on file types (i.e., file extensions). However, Box Sync will ignore hidden system file – see support article.

What are information sensitivity restrictions?

Check the Team Collaboration page for latest guidance.

What do the different color folders mean?

• Yellow folders are created by you and completely private.
• Blue folders let you know that other collaborators have been invited into a shared folder that you own.
• Grey folders in your account are owned externally and you have been invited as a collaborator.

I suspect that my Sponsor/Partner organization is blocking access to Box – how can I confirm?

Send your external partner the Welcome to Box link. If they cannot access it, please notify us.

Is MITRE tracking what Sponsors and other organizations are blocking access to Box?

Yes. If you come across an organization that is blocking Box, please notify us so that we can investigate further and work on unblocking.

I (or my Sponsor) can’t access Box on – why is this?

An organizational policy may be blocking Box on a particular network. Visit Outside Organizations & Box for information for more information.

If you are running into issues at a location not listed above, please let MPN Support (mpnsupport@mitre.org) know.

How long does content stay on Box?

Content is kept in Box for the length of the project.

Where do I go for help? How can I get more information?

Additional quick help answers are found in the IT Service Desk’s Knowledge Base Search (MITRE only).  Type the keyword, “Box” into the search field for a list of FAQ articles.