Equinix takes control of shadow IT cloud usage and enforces data loss prevention policies and detects threats in Box
With Skyhigh we were able to implement cloud security policies without impacting business user productivity.—Brian Lillie
Chief Information Officer
Equinix has embraced the use of cloud services to drive productivity and innovation in its business. However, the company’s Global Information Security Officer, George Do, began to grow concerned that he lacked visibility into exactly which cloud services his employees were using. To discover cloud services being used, the information security team had to pore over log files. This process resulted in an incomplete picture because existing log management tools were focused on network attacks, not cloud service risk. Moreover, the process of approving each new cloud service for use by employees required 30 person-hours of due diligence by Do’s staff. “It was very taxing for a small staff like ours.” As Equinix adopted enterprise-ready cloud services, such as Box, they lacked tools to enforce the company’s compliance policies and protect against both internal and external threats.
Equinix selected Skyhigh Cloud Access Security Broker to discover the scope of its cloud services footprint. Do was able to discover all the cloud services in use and quickly assess their risk. “Many services I would not have expected showed up in the analysis, including some that we decided we needed to add because they filled a legitimate need we had not foreseen,” says Do. Skyhigh provided an objective rating of enterprise readiness for each service, reducing the time needed to approve a new cloud service by 90 percent. Equinix also uses Skyhigh’s integration with its firewalls and proxies to serve just-in-time educational messages that coach users away from high-risk services to approved alternatives. Within approved services such as Box, Equinix ensures compliance with external regulations by enforcing data loss prevention and collaboration policies. Skyhigh’s behavior analytics now enables Equinix to detect anomalous behavior in Box across several dimensions to protect against insider threats and compromised accounts.