What are the account privileges and requirements needed to enable the Box Securlet on a CloudSOC account?
There are two ways to enable the Box Securelet on your CloudSOC account:
1) This is the strongly recommended way, the account must meet the following three requirements to activate the Securlet:
● You must have administrative privileges on your CloudSOC account.
● You must have an enterprise account on Box.
● The email address you use as the username for the administrator login on your Box account must be exactly the same as the email address that you use as your CloudSOC username. Furthermore, this email address must be within the primary or secondary domains listed for your CloudSOC account. To confirm, login to CloudSOC, go to the gear icon on the top right corner, then to General, and check your domains as shown below.
-> Note: If necessary, contact Symantec Support via MySymantec to add additional secondary domains.
2) A Box Co-Admin can activate he Securlet, subjected to the following limitations:
○ CloudSOC does not have visibility into the activities of Box Admin and other Co-admins.
○ CloudSOC cannot scan the documents of the Box Admin and other Co-admins
○ CloudSOC cannot remediate the content of the Box Admin and other Co-admins
-> Note: The Co-Admin must hold the following administrative privileges as shown below. Otherwise, the Securlet exhibits API failures and loss of functionality:
○ Manage users
○ Manage groups
○ View users' content
○ Edit users' content
○ Log in to users' accounts
○ View settings for your company
○ Edit settings for your company
○ Run new reports and access existing reports