Audit Azure security and compliance configuration
Skyhigh continuously monitors and audits the security configuration of all managed and unmanaged Azure subscriptions to reduce risk and ensure compliance with external regulations and internal policies. Skyhigh uses field-tested industry best practices to suggest corrective measures to harden Azure security settings.
Skyhigh detects compromised account activity in Azure based on brute force login attempts, logins from new and untrusted locations for a specific user, and consecutive login attempts from two locations in a time period that implies impossible travel – even if the two logins occur across multiple cloud services – to support immediate remediation and limit exposure.
Insider and privileged user threats
Skyhigh automatically constructs a behavior model with dynamic and continuously updated thresholds for each user and group to identify activity indicative of insider threat. Privileged user analytics identifies risk from inactive administrator accounts, excessive permissions, and unwarranted escalation of privileges and user provisioning.
Prevent unauthorized regulated data from being stored in Azure storage services
Skyhigh for Azure enforces DLP policies across data at rest and in motion to ensure compliance with regulations and internal policies. Skyhigh supports DLP rules based on keywords, data identifiers, user groups, and regular expressions. Enforcement actions include coach users, notify administrator, block, quarantine, and delete. Leverage pre-built industry templates, create custom policies in Skyhigh, or leverage policies in an existing on-premises DLP solution.
“Skyhigh continues to expand its security controls beyond SaaS to help companies cover their custom-built applications running in IaaS including the IaaS platforms themselves.”
“Skyhigh helps us understand how employees use the cloud to identify insider threats, compromised credentials, and excessive privileged user access.”
“In an environment with millions of unique events each day, Skyhigh does a nice job of cutting through the noise and directing us to the areas of greatest security concern.”
“Skyhigh allows us to have more control over data security by adding an additional layer of protection beyond what the typical cloud service provider can offer.”
Standardize on a corporate Azure subscription
Skyhigh identifies all Azure subscriptions in use by employees and enables enterprises to standardize on their corporate Azure subscriptions. Using Skyhigh, you can enforce governance controls and coach users to corporate Azure subscriptions for centralized visibility and policy enforcement.