The cloud has transformed workplace collaboration in unforeseen ways. Employees can use a single cloud collaboration service to message a particular coworker or a group of coworkers, upload and share files, make phone calls, and video chat. However, the rapid adoption of collaboration services has introduced IT security concerns as employees upload and share sensitive data with coworkers and 3rd party partners. All told, 18.1% of all documents uploaded to cloud-based collaboration or file-sharing services contain sensitive information that needs to be protected.
To that end, today, Skyhigh is announcing Skyhigh for Cisco Spark, a fully integrated product that delivers an additional layer of security for Cisco Spark customers, enabling them to gain granular visibility into sensitive data uploaded to Cisco Spark, enforce data loss prevention policies, detect and protect against insider threats and compromised accounts, and capture a detailed audit trail of all user and administrator activity for forensic investigations.
Skyhigh (McAfee MVISION Cloud) provides additional layer of security to enterprise Cisco Spark usage
Cisco has built a robust security infrastructure for Cisco Spark. Native security features include end-to-end encryption with customer controlled keys and role based access control (RBAC). Skyhigh for Cisco Spark complements Cisco Spark’s security by integrating with it via its API to enforce a comprehensive set of security and compliance controls across users, devices, and access modes (browser and native app).
Skyhigh for Cisco Spark addresses key enterprise security use cases:
1) Gain visibility into all employee activity in Cisco Spark
Skyhigh provides enterprise security teams with a detailed log of all user activities performed in Cisco Spark. This not only enables near-real time activity monitoring, but also allows IT security to perform post-incident forensic investigations.
2) Enforce policies on data uploaded to Cisco Spark and remediate policy violations
Given the large amount of sensitive data uploaded to cloud-based file sharing and collaboration services such as personally identifiable information (PII), personal health information (PHI) and confidential IP, enterprises need to maintain compliance with industry regulations such as HIPAA, SOX, and PCI. With Skyhigh for Cisco Spark customers can enforce granular DLP policies to detect sensitive data that’s uploaded to Cisco Spark via files or messages and remediate violations by alerting, blocking, or quarantining.
A real-world example includes a large health insurance provider that has deployed DLP policies in Skyhigh to secure its Cisco Spark deployment and maintain HIPAA compliance. Using existing policy templates and defining custom policies in Skyhigh, the organization is able to inspect all documents and messages in Cisco Spark for a dictionary list of HIPAA terms and block or quarantine data that violate the policies.
3) Detect and remediate cloud threats
Using Skyhigh, IT teams can proactively detect and remediate threats associated with insiders, privileged users, and compromised accounts. An average organization faces 23.2 such cloud-related threat incidents each month, and by using multiple threshold-based and algorithmic methods, Skyhigh helps detect these threats early so companies can limit their impact.
4) Extend existing security controls to Cisco Spark
Skyhigh provides out-of-the-box integration with security infrastructure components such as on-premises Data Loss Prevention (DLP) systems, SIEMs, and firewalls, allowing companies to seamlessly extend their controls to cover Cisco Spark usage. Many enterprises have made significant investments in protecting their on-premises data assets and can leverage Skyhigh’s integration to extend existing controls to the cloud.
5) Collaborate effectively by standardizing on Cisco Spark
The average organization uses 210 distinct collaboration services and the average employee uses nine collaboration services, most of which are not sanctioned by IT. By providing visibility into all the cloud services used by employees along with their risk ratings, Skyhigh allows IT to restrict access to high-risk services and consolidate on IT-approved and managed services.
For example, Skyhigh can coach employees towards Cisco Spark by providing just-in-time pop-up messages that appear when they attempt to access unsanctioned collaboration services. This helps companies reduce the risk associated with data exfiltration from shadow cloud services and enables more effective collaboration by consolidating employees onto a single collaboration platform.
Collaboration is a critical enterprise function, and one that is relevant to every employee and team within the company. Cisco Spark provides a powerful solution for companies to boost collaboration between their employees and increase agility within their teams. The integration between Skyhigh and Cisco Spark enables companies to overcome security obstacles and unleash their collaboration potential while ensuring the security of their corporate assets.