Box has evolved to become almost unrecognizable from its previous form. Once little more than a cloud-based file storage tool, the Box platform has grown into a rich storage system with native support for both workflows and document collaboration.
Box has introduced numerous security and compliance features in recent years. Those features have led to Box becoming heavily adopted by the legal and financial services industries.
The bottom line is that organizations are increasingly storing large volumes of sensitive data in Box, and that data needs to be protected through regular backups.
Some websites use Box as a backup target. For the purposes of this article, the phrase "Box backup" refers to backing up the data that already resides in Box.
The best option to protect data in Box is to use a third-party backup application. Vendors that currently offer these services include Veeam, Veritas and Cohesity. Most of the better-known backup applications include native support for various SaaS applications, including Box. This is just one major consideration to the Box backup process.
Another consideration is where the application will write backups. Most Box backup products store backup data on cloud storage such as AWS S3 or Azure storage.
Box is a SaaS application and not part of the in-house infrastructure, so real-time backups probably aren't going to be an option. Some third-party backup tools are designed to back up Box data on an hourly basis, but these vary by provider. It's critical to choose a tool that aligns with your data protection requirements. This will vary depending on the type of data and industry involved.
Box retention policies
One of the ways organizations can protect Box data is through retention policies. Retention policies are a compliance feature that prevent files from being deleted, accidentally or intentionally, for a specific period. If a file that is protected by a retention policy is modified by the organization, the retention policy will preserve both the old and the new version of the file for the required length of time.
Although retention policies are occasionally used as a backup substitute, they are primarily a compliance feature, not a data protection feature. In the case of Box, retention policies are a paid add-on feature and it may be more costly to use retention policies in certain circumstances than to back up the data.
A good backup application stores Box data outside of the Box cloud. It ensures that data is preserved, even in the unlikely event that Box were to suffer a catastrophic failure. Retention policies, on the other hand, store data in place and do not create a secondary data copy that can be recovered if a cloud level data loss event should occur.