Security Intelligence Platform for Sanctioned Cloud Services

Over the last two years the Skyhigh Security Intelligence Platform for Shadow Cloud Services has helped enterprises detect anomalous behaviour indicative of security breaches or insider threats, thereby protecting corporate data in on-premise applications from exfiltration to the cloud. With this announcement, Skyhigh is extending its Security Intelligence Platform to sanctioned cloud services, thereby protecting corporate data in cloud systems of record from compromised accounts and insider threats.

“With Skyhigh’s security intelligence capabilities, we can now monitor all activity in our sanctioned cloud services and gain actionable insights into high-risk behaviour, all from a single integrated platform,” said David Levin, Director of Information Security at Western Union.

“Global organisations are empowering workforces of hundreds of thousands of employees to share information and make decisions with agility and speed,” said Justin Somaini, chief trust officer at Box. “Moving content and collaboration to the cloud enables enterprises across industries and geographies to be more competitive and productive. Our partnership with Skyhigh ensures that these businesses can always meet the strictest data governance requirements.”

Similar to how Skyhigh’s canonical CloudRisk Engine can discover, assess risk, and remediate threats across the largest registry of shadow cloud services in the industry, Skyhigh’s canonical CloudAPI Engine now allows Skyhigh to deliver consistent security, compliance, and data governance capabilities to the most comprehensive list of sanctioned cloud services in the industry.

Specifically, the Skyhigh Security Intelligence Platform for Sanctioned Cloud Services delivers the following capabilities:

· Behavioural Analytics: Identifies and prevents data loss from compromised accounts and insider threats, driven by anomalies that take into account the context of the user (e.g. role and reputation), application, data, action, device, and location.
· Privileged User Analytics: Monitors all privileged user activities including escalation of privileges, user provisioning, and unauthorised use for audit and compliance purposes.
· Sensitive Data Analytics: Provides a detailed and continuous view of all sensitive data (such as PII, PHI or corporate IP) stored in these systems, where the data is located, who is accessing it, and DLP violations based on the enterprise’s policies.
· Connected Apps Analytics: Discovers all third-party applications connected to these services, assesses the risk of these applications, and monitors all data moving to these applications.
· Collaboration Analytics: Identifies the size, scope, and relevance of all third parties (customers, suppliers, partners) collaborating with the enterprise, assesses the risks of partners, monitors data accessed by partners, and reports on all exceptions to collaboration policies.
· Security Policy Analytics: Discovers the current settings for all security configurations and suggests modifications to improve security based on industry best practices.
· Alerting, Reporting and Remediation: Delivers real-time alerts, integrates with existing SIEMs, provides drill down capability for forensics and investigations, and enables policy-driven remediation (e.g. block, quarantine, encrypt, force two-factor authentication).

“Enterprises are looking to harness the agility and productivity offered by cloud services, but the cloud can also pose a security blind spot,” said Rajiv Gupta, co-founder and CEO of Skyhigh Networks. “Sanctioned cloud services that are rapidly becoming systems of record for critical business functions need to be protected from compromised accounts and rogue insiders. The Skyhigh Security Intelligence Platform is designed specifically for security teams chartered to protect corporate data across both shadow and sanctioned cloud services.”