Box TSA separation is the work of standing up a dedicated Newco enterprise, moving the content Newco owns, rebuilding the permission and collaboration model, reissuing the external shared links, and exiting the seller's account before a shared content platform keeps Newco files and Newco confidential data inside the seller's tenant. The work sits inside the broader carve-out advisory program because content stores hold the contracts, records, and working files the business runs on. Treated casually, it strands files, breaks external shares, and leaves Newco data under the seller's retention.
Box separation starts with an inventory of the seller enterprise. The buyer needs the folder structure and which content belongs to Newco, the user and group directory, the permission and collaboration model, the external shared links and who depends on them, the retention and legal hold policies, the metadata and classification labels, and the connected apps and integrations that read or write content. A content platform holds the business record, so the inventory is a map of what data Newco must take and what stays with the seller.
The seller typically runs Newco content inside a shared enterprise, separated by folder and group permissions rather than by hard boundary. The clean end state is a dedicated Newco enterprise contracted directly with Box. A shared account with folder level isolation is acceptable only as a bridge during the TSA, never as a steady state, because the seller controls administration, retention, and who can reach Newco content.
Target tenant strategy follows the content footprint and the data boundary. Where Newco content is cleanly partitioned, the move is a scoped extraction. Where Newco and seller content are intermingled in shared folders, the buyer defines the boundary file by file or folder by folder so the move takes what belongs to Newco and leaves what belongs to the seller.
A clean inventory drives the downstream sequence: the contract, the enterprise build, the content move, the permission rebuild, and the external share cutover. The pattern aligns with the broader Dropbox separation work where the same content discipline applies.
Box is licensed per user with capability tiers and add ons for governance, security, and workflow. The seller agreement does not transfer in a carve-out. Newco signs a direct contract sized to its headcount and the capabilities it actually needs. The risk is that Newco inherits the seller capability tier, paying for governance or workflow add ons the standalone business will not use. The buyer scopes the Newco tier from the user and content inventory before negotiating.
Box reads a carve-out as a buyer with content the business cannot lose. Leverage comes from a credible alternative, whether a competing content platform or a leaner capability tier, and from the user commitment. The buyer negotiates migration support and a clear export path into the contract so content can be moved and validated before cutover rather than under deadline pressure.
Where the seller continues to host Newco content through a TSA period, the pricing is cost-plus or fixed-fee with a defined exit ramp. The seller cannot mark up a per seat subscription it already holds, and the TSA defines retention, legal hold, who administers Newco content, and how files are returned and purged at exit. The discipline mirrors the broader TSA license consolidation work so Newco eliminates duplicate content spend at exit.
Implementation, where a partner is engaged, is fixed fee for defined deliverables with disciplined change control. A content move has a measurable scope, so it is contracted against named folders, users, and shares rather than open ended consulting time.
Moving the files is the mechanical part. Box content can be migrated between enterprises through the platform tools or a migration service, preserving folder structure, versions, and metadata. The buyer scopes the move to the content boundary, confirms that file versions and metadata carry across, and validates counts so nothing is silently dropped during the transfer.
The permission rebuild is the hard part. Collaborator access, group permissions, folder inheritance, and the shared link settings do not move cleanly, so the buyer reconstructs the access model in the Newco enterprise. Permissions are mapped to Newco users and groups rather than reused from the seller, because a collaborator from the seller side should not retain access to Newco content after exit. A weak permission rebuild is the most common source of post move access incidents.
Retention, legal holds, and classification labels are recreated so the Newco enterprise enforces the same governance. Where content sits under a legal hold, the buyer coordinates with counsel so the hold is preserved through the move rather than broken. Metadata templates that drive workflow and search are rebuilt so content remains findable.
The data boundary and classification align with the broader TSA exit data migration strategy and its validation gates.
External shared links are the consumer surface that breaks. Partners, customers, and external collaborators hold links tied to the seller account, and those links stop working when the content moves. The buyer inventories every external share, reissues Newco links, and runs a communication plan so external parties move before the seller content is removed. A customer that loses access to a shared document at cutover is a relationship problem, not just a technical one.
Identity is the foundation. Single sign on and user provisioning are reconfigured against Newco's identity provider so users authenticate into the Newco enterprise and deprovision cleanly. Where the seller managed Box identity through its directory, the buyer rebuilds the connection so Newco controls access.
The integration estate connects Box to the tools that read and write content. Box Sign, the desktop sync clients, the office editing integrations, ECM connectors, and any line of business app that stores files are reconnected in the Newco enterprise and reauthorized against Newco systems. The desktop sync clients matter because users keep working from synced folders that must repoint to the Newco enterprise.
The external share discipline connects this work to the broader carve-out data governance where customer and partner access is managed with care.
Cutover moves users and access from the seller enterprise to the Newco enterprise. Because content is large, the move often runs as an initial bulk transfer followed by a final delta sync at cutover so recent changes are captured. The runbook covers the freeze on changes in the seller content, the final delta, the permission activation, the external link reissue, and the validation gate before users switch to the Newco enterprise.
Validation confirms the content moved completely and correctly. File counts, folder structure, version history, and a sample of opened files are checked against the seller enterprise. Permissions are tested by confirming the right users can reach the right folders and the wrong ones cannot. External links are tested from an external vantage point. The buyer validates against named folders and named shares rather than trusting that a successful transfer implies a complete move.
Stabilization runs two to four weeks. Missing files, broken permissions, dead links, and sync issues are triaged within agreed service-level commitments. The buyer monitors access patterns to confirm users work from the Newco enterprise. Only after a clean window does the buyer certify content for TSA exit.
Decommissioning the seller content is explicit. Once the Newco enterprise is validated and the TSA tail closes, the seller removes Newco content and confirms return and purge, respecting any retention or legal hold, so Newco files no longer persist in the seller environment.
Box separation cost is driven by the per seat tier and by the migration effort across a large content estate. The discipline is to size the Newco capability tier to actual need, move only the content Newco requires rather than copying years of stale files, and treat the move as a chance to retire obsolete repositories rather than carry them into the standalone business.
The common failure mode is treating Box as a file copy and underestimating permissions and external shares. The content cannot be cleanly exited until the access model is rebuilt and external links are reissued. Buyers that map the permission model and the external shares first avoid the discovery that the files moved but collaborators lost access and customers hit dead links.
The common governance mistake is breaking a legal hold or losing retention during the move. The fix is to coordinate with counsel and recreate holds and retention before content is removed from the seller. A PMO maintains the dependency map across content, identity, and the apps that read files, escalating blocks inside forty eight hours.
A clean Box separation produces a Newco that owns its own enterprise, its own permissions, and its own external shares, with content that is complete, governed, and findable. The discipline runs through the TSA exit acceleration program under a Fixed Fee plus Portfolio Retainer engagement model.
Yes. The clean end state is a dedicated Newco enterprise that Newco contracts directly with Box, with its own users, folders, and permissions. A shared seller account with folder level isolation is acceptable only as a bridge during the TSA, because the seller controls administration, retention, and the bill.
Permissions and shared links, not the files. Moving content is mechanical, but recreating collaborator access, group permissions, and the external shared links that partners and customers depend on is where a migration breaks. A buyer maps the permission model before moving a single file.
Shared links tied to the seller account stop working when content moves, so any partner or customer relying on a seller link loses access. The buyer inventories external shares and reissues Newco links with a communication plan so external parties move before the seller content is removed.
Small content estates move in weeks, but large repositories with complex permissions, retention obligations, and external shares extend the timeline. Most buyers plan two to five months so the content move aligns with identity separation and the apps that read the files.
Team space strategy, the file and share move, and external link handling.
Read the article →Account strategy, envelope and template move, and the signing integration cutover.
Read the article →The data migration framework, validation gates, and reconciliation discipline.
Read the article →The 90-day governance, IT, finance, HR and procurement separation plan we run on live carve-outs. Get the playbook plus the bi-weekly Day One Letter — short, signal-heavy, buyer-side.
No spam. Unsubscribe in one click. · Read the overview first →

Fixed-fee proposal in 48 hours. Senior team on day one. The first conversation is always free.
Seven buyer-side moves to exit a Transition Services Agreement on time and below budget. The mark-up, the extension-fee curve, exit sequencing, and the 11-month calendar.
One tactic, one benchmark, or one pattern from a recent buyer-side engagement. Short. Signal heavy. Free.
Subscribe to The Day One Letter →Treat the email-domain and tenant split as a project, not a switch. Rushed cutovers lose mail, files and identity links you cannot get back.