These are the recommended Box settings for mxHERO, particularly within Enterprise Settings → Content & Sharing.
These configurations ensure that email attachments can be securely replaced with Box links when messages are processed by mxHERO

Enterprise Settings → Content & Sharing

1. Shared Links

These settings control how users can generate links to share content stored in Box. They directly affect how files sent through mxHERO can be accessed by recipients.

Allow shared links for
✅ Recommended: Folders, files, and hubs

Reason: mxHERO generates Box links when replacing email attachments, so shared links must be enabled for files.

Definition of company

✅ Recommended: (depending on the organization’s security model):
Users with email domain → for simple internal access
Enterprise ID → for organizations with multiple tenants

Reason: This setting defines who is considered an internal user when using company-restricted shared links.

People who can access shared links

✅ Recommended: People with the link, People in your company, and People in this folder

Reason: may need to generate links for external recipients who do not have a Box account.

Default access for shared links

Two common configurations depending on the desired security level:

Option A – Higher security (recommended): People in your company
Option B – Frequent external sharing: People with the link

Reason: If the default access is internal, mxHERO can elevate permissions only when necessary.

Shared Link Permissions

✅ Recommended:

Max permission: Can view and download
Default: Can view only o Can view and download

Reason: This prevents uncontrolled editing of shared files.

2. Custom Shared Links

Allow custom shared link URLs

✅ Recommended: Disabled

Reason: Prevents users from creating predictable public URLs for sensitive content.

Show your custom domain in shared link URLs

✅ Recommended: Enabled

Reason: Improves user trust when recipients receive shared links.

3. Collaborating on Content

Available Roles

✅ Recommended: Viewer, Previewer, or Editor
⚠️ Avoid: Co-owner, or Owner (for regular users)

Reason: Reduces collaboration privileges and minimizes risk.

Default Collaboration Role

✅ Recommended: Viewer

Reason: Follows the principle of least privilege.

Restrict invites

✅ Recommended: Enabled

Reason: Only Owners, Co-owners, and Admins can invite collaborators.

Enable invite links

⚠️ Recommended: Disabled

Reason: Prevents indirect or uncontrolled access.

Enable group invites

✅ Recommended: Enabled

Reason: Simplifies access management through groups.

Restrict Ownership Transfer

✅ Recommended: Enabled

Reason: Prevents ownership from being transferred to external users.

Move and copy content to a folder

✅ Recommended: Prevent collaborators from moving/copying to higher permission folders

Reason: Prevents privilege escalation through folder permission changes.

External Collaboration

Two recommended models:

Flexible model (most common with mxHERO): Allow collaboration with any external users
Restricted model (regulated environments): Limit collaboration to allowlisted domains

4. Auto-Expiration

(This is Very Important for mxHERO, as mxHERO frequently uses this feature for secure attachment delivery.)

Disable all shared links after

✅ Recommended: 30–60 days

Disable public shared links after

✅ Recommended: 7–30 days

Notify item owners before expiration

✅ Recommended: 7 days

Allow owners to modify expiration

✅ Recommended: Enabled → Provides flexibility for users.

(IMPORTANT NOTE: If this option is set as “disabled”, any existing shared links with expiration dates will no longer be modifiable. For this reason, this configuration is not recommended.)

5. Additional Options Commonly Used with mxHERO

These settings are often combined with the mxHERO integration:

Password protection for links: The password is sent through a separate communication channel (configured through mxHERO policies).

Prevent download: View-only access for sensitive documents.

Link expiration: Automatic expiration for temporary access.

✅ Summary