Products & Releases

Skyhigh announces fix for cloud security blind spot

Skyhigh announces fix for cloud security blind spot

Campbell, Calif. —April 16, 2015 —Skyhigh Networks, the cloud security and enablement company, today announced its Security Intelligence Platform for Sanctioned Cloud Services. The new offering is built on a canonical Cloud API Engine that enables rapid detection and response on a single platform for security, compliance, and data governance across all sanctioned cloud services such as Salesforce, Box, Microsoft Office 365, ServiceNow, Jive, Workday, Google for Work, and Dropbox for Business.
Over the last two years the Skyhigh Security Intelligence Platform for Shadow Cloud Services has helped enterprises detect anomalous behavior indicative of security breaches or insider threats, thereby protecting corporate data in on-premise applications from exfiltration to the cloud. With this announcement, Skyhigh is extending its Security Intelligence Platform to sanctioned cloud services, thereby protecting corporate data in cloud systems of record from compromised accounts and insider threats.
“With Skyhigh’s security intelligence capabilities, we can now monitor all activity in our sanctioned cloud services and gain actionable insights into high-risk behavior, all from a single integrated platform,” said David Levin, Director of Information Security at Western Union.
“Global organizations are empowering workforces of hundreds of thousands of employees to share information and make decisions with agility and speed,” said Justin Somaini, Chief Trust Officer at Box. “Moving content and collaboration to the cloud enables enterprises across industries and geographies to be more competitive and productive. Our partnership with Skyhigh ensures that these businesses can always meet the strictest data governance requirements.”
Similar to how Skyhigh’s canonical CloudRisk EngineTM can discover, assess risk, and remediate threats across the largest registry of shadow cloud services in the industry, Skyhigh’s canonical CloudAPI EngineTM now allows Skyhigh to deliver consistent security, compliance, and data governance capabilities to the most comprehensive list of sanctioned cloud services in the industry.
Specifically, the Skyhigh Security Intelligence Platform for Sanctioned Cloud Services delivers the following capabilities:
o  Behavioral Analytics: Identifies and prevents data loss from compromised accounts and insider threats, driven by anomalies that take into account the context of the user (e.g. role and reputation), application, data, action, device, and location.
o  Privileged User Analytics: Monitors all privileged user activities including escalation of privileges, user provisioning, and unauthorized use for audit and compliance purposes.
o  Sensitive Data Analytics: Provides a detailed and continuous view of all sensitive data (such as PII, PHI or corporate IP) stored in these systems, where the data is located, who is accessing it, and DLP violations based on the enterprise’s policies.
o  Connected Apps Analytics: Discovers all third-party applications connected to these services, assesses the risk of these applications, and monitors all data moving to these applications.
o  Collaboration Analytics: Identifies the size, scope, and relevance of all third parties (customers, suppliers, partners) collaborating with the enterprise, assesses the risks of partners, monitors data accessed by partners, and reports on all exceptions to collaboration policies.
o  Security Policy Analytics:  Discovers the current settings for all security configurations and suggests modifications to improve security based on industry best practices.
o  Alerting, Reporting and Remediation: Delivers real-time alerts, integrates with existing SIEMs, provides drill down capability for forensics and investigations, and enables policy-driven remediation (e.g. block, quarantine, encrypt, force two-factor authentication).

“Enterprises are looking to harness the agility and productivity offered by cloud services, but the cloud can also pose a security blind spot,” said Rajiv Gupta, co-founder and CEO of Skyhigh Networks. “Sanctioned cloud services that are rapidly becoming systems of record for critical business functions need to be protected from compromised accounts and rogue insiders. The Skyhigh Security Intelligence Platform is designed specifically for security teams chartered to protect corporate data across both shadow and sanctioned cloud services.”

About Skyhigh Networks
Skyhigh Networks, the cloud security and enablement company, helps enterprises safely adopt cloud services while meeting their security, compliance, and governance requirements. Hundreds of enterprises including Aetna, Cisco, DIRECTV, HP, and Western Union use Skyhigh to gain visibility into all cloud services in use and their associated risk; analyze cloud usage to identify security breaches, compromised accounts, and insider threats; and seamlessly enforce security policies with encryption, data loss prevention, contextual access control, and activity monitoring. Headquartered in Campbell, Calif., Skyhigh Networks is backed by Greylock Partners, Sequoia, and

Editors' Choice
Evan Schuman, Contributing Writer, Dark Reading
Tara Seals, Managing Editor, News, Dark Reading
Jeffrey Schwartz, Contributing Writer, Dark Reading