Granular DLP policies
Configure precise DLP policy rules using data identifiers for common data types (e.g. Social Security numbers, credit card numbers, etc.), file names, keywords, file sizes, file types, regular expressions that identify custom patterns (e.g. IP addresses, medical record numbers, etc.), third-party document classification tags, and user actions such as creating a link to share.
Skyhigh reports on policy violations and can automatically perform remediation to protect data. Remediation actions can be tiered based on the severity of the violation and include: block upload, encrypt, quarantine, modify sharing permissions, revoke a shared link, and delete. End users are notified of violations and can self-report a potential false positive should it occur.
Audit internal and external sharing
Skyhigh analyzes collaboration permissions within cloud-based file sharing services to internal departments, business partners, and personal emails. Visually browse data flows in aggregate or for specific types of sensitive data and review policy violations.
Skyhigh enforces collaboration policies based on domain whitelist/blacklist and document content. Remediation actions include educating users on acceptable sharing, modifying permissions to disable third-party editing while retaining access, and prohibiting third-party access.
Shared link policies
Shared links provide untraceable access to a file for anyone with the link, and are easily forwarded to third parties. Skyhigh enforces blanket shared link policies, or granular DLP policies using shared links as one rule in the policy. In response to a policy violation, Skyhigh can revoke a shared link.
“Skyhigh allows us to extend DLP outside the perimeter and into the cloud and the user experience is seamless.”
“We use Skyhigh to layer security controls like data loss prevention and access control for Box so that the easy path to collaboration is also the secure path.”
“Skyhigh lets us use Box to its full capability. We can see how our data is being used and if it is being shared with third parties.”
“Skyhigh helps us securely enable high-impact cloud services like Office 365 while ensuring data security and compliance with HIPAA and HITECH.”
“With Skyhigh we were able to implement cloud security policies without impacting business user productivity.”
Review DLP incidents from a unified interface
Security teams review DLP policy violations in Skyhigh for all cloud services via a unified policy violation interface showing the policy violated, user, file, severity, and outcome. Reviewers can filter violations to focus on high-priority incidents and potential false positives reported by end users.
Compliance reviewers can drill down into violations by cloud service, policy type, department, user, and time frame to understand the full context of who did what when. Reviewers can analyze the original file that triggered the violation in its native format to understand the context of violation.
Complete remediation workflow
Skyhigh uses data identifiers purpose-built for DLP, rather than OEM search technology, leading to the most accurate DLP policy engine in the industry. Upon review, in the event a document does not violate a policy, a quarantine or revoked collaboration action can be rolled back to restore the file and permissions.
Get started quickly with DLP templates
Skyhigh provides out-of-the-box DLP policy templates for major industries and regulations including PCI DSS, HIPAA, HITECH, GLBA, SOX, CIPA, FISMA, and FERPA so you can start enforcing policies immediately.
Leverage existing DLP policies and workflow
Skyhigh integrates with leading DLP solutions from Symantec, EMC RSA, Intel McAfee, and Websense via ICAP. Leveraging policies configured in an on-premises DLP solution, Skyhigh can inspect data in the cloud, enforce a policy, and register the enforcement action in the DLP solution where the policy is managed with closed loop remediation.