How It Works: FinalCode for Box

Persistent Security for Sensitive Files Leaving the Box Repository

Once files leave the secure box repository, data governance is lost. FinalCode for Box addresses this file data leakage challenge by ensuring persistent access, usage control and deletion of shared files leaving the box repository and in a way that is seamless to Box collaborators.

With FinalCode, organizations gain strong file encryption, dynamic permission setting, and lifecycle activity tracking – directly invoked within the Box interface as an added SaaS offering. Users can manage and change permissions to view or edit files by simply updating Box collaborator types which are linked to FinalCode’s file security settings – it’s that simple.

After files leave the Box container, FinalCode file security controls stays persistent.



For files that the Box user would like to securely share, the Box user uploads files to the secure Box repository as they normally do. Box users can manually secure a file or folder, set folders for automatic security. FinalCode file security settings are pre-mapped to Box Collaborator types. Security settings are inherited as files more within the Box folder hierarchy.


FinalCode Encryption Service monitors for request to secure new files within the Box repository. FinalCode Encryption Service requests and receives a unique file encryption key and identifies from the SaaS Application Server. The Encryption Service never write to disk, but secures the file only in memory.  The Encryption service replaces the original file with a FinalCode secured file and removes previous versions of the file within the Box repository. All original Box tags of the file are preserved.


Box Collaborator requests a FinalCode-secured file within the box repository which requires a local Client to open. Recipient one-time downloads and installs lightweight FinalCode Client (two-phase authentication, no administrator privileges are required). On attempted local secured file access, FinalCode Client will contact the FinalCode Server to verify access authorization.


FinalCode Server will will check the Box Collaborators and respective roles linked to the file. If the recipient is authorized, FinalCode Server will send the security meta data to the FinalCode Client to enforce file access and usage control of the file. File security, access and usage activities are kept in the Server logs. On demand or upon an authorized recipient attempt to open the secured file, FinalCode Client will deny access, delete the file locally, and log the illicit action.

FinalCode Delivers

Rapid Integration

As an option to the extensive file security and governance capabilities of Box, administrators can quickly install FinalCode for Box in less than an hour as a service. User management leverages Box license and collaborator settings.

Ease of Use and Adoptability

Box users or administrators simply activate FinalCode enhanced security on files and folders. Since FinalCode security settings are pre-set to Box Collaborator types and preserves Box tag and meta data index, there is no additional settings for the file owner. Collaborators have no interface to learn, they simply install the Client which seamlessly runs on their system.

Strong Security

FinalCode offers persistent security for files leaving the Box repository with file encryption (AES 256), granular permission setting and rich activity log. The FinalCode Encryption Service applies file security only in memory and replaces files directly in the secure Box repository. Once replaced, Collaborators can’t revert to unprotected file versions.

Cost-effective Usage

FinalCode for Box allows organizations using Box Business or Enterprise Edition to purchase a number of licenses as needed by project, department or enterprise-wide – with NO COST for Box Collaborators outside the organization.

Take The Next Step

With FinalCode for Box, your employees can share confidential files internally and externally with confidence, knowing that unauthorized file recipients outside the secure box container will not have access. Better yet, your company can rapidly implement strong file protection, entitlement and auditing capability that preserves user experience and your investment in Box.

Contact us today for a test drive.