Gain visibility into all cloud usage, assess the risk to the organization and protect sensitive data shared by faculty and staff
As educational organizations adopt cloud technology, a host of data security issues have arisen. Technology is changing how schools and universities deliver IT, but these changes have also led to a loss of visibility into how faculty and staff access and use sensitive data. Moreover, universities looking to foster collaboration between themselves, their departments and faculty have adopted cloud storage and collaboration services, which can lead to data loss incidents when sensitive data is shared outside of policy. Skyhigh helps educational institutions gain visibility into who is using what cloud services, understand their risks from cloud usage and enforce security and compliance policies.
In today’s fast-paced environment, educational institutions are constantly looking to foster more efficient collaboration and information sharing within the organization as well as with other organizations. One way they are achieving this is by leveraging cloud technology. However, there is a persistent data security risk that comes with increased collaboration as staff unknowingly uses risky and unsafe cloud services to perform their day-to-day work. Skyhigh enables secure usage of sanctioned cloud services such as Box, Dropbox, Google Drive and Office 365. Skyhigh also discovers all shadow cloud services in use and provides detailed risk ratings for each service, enabling you to quickly understand the risk to your organization while staying FERPA compliant.
Enable IT-sanctioned cloud services by implementing data security controls. Encrypt your data with enterprise-controlled keys or tokenize your data before it is uploaded to the cloud – making data indecipherable to any third parties outside of the permitted institutions or users. Leverage FIPS 140-2 compliant encryption libraries to ensure the strength of encryption.
Skyhigh enforces policies across data uploaded to and stored in the cloud to comply with FERPA, HIPAA and various state and national privacy and data residency laws. You can select the appropriate controls (e.g. encryption, data loss prevention, contextual access control, etc.) based on your regulatory requirements. For example, inspect and block uploads to high-risk file sharing services if they contain sensitive data based on your DLP policies or encrypt all Protected Health Information (PHI) stored in SaaS applications with enterprise-managed keys.
Skyhigh’s behavioral analysis engine leverages machine learning to identify patterns of usage that may seem innocuous but may actually signify a security threat. Combined with data from SIEMs and other analysis tools, you get a complete picture of user behavior to identify and stop inadvertent or malicious loss of sensitive data. As Skyhigh detects threats, risk-mitigating action can automatically be taken, such as temporarily suspending access to a user suspected of insider threat or forcing multi-factor authentication when a compromised account is detected.
Many organizations block certain high-risk services as defined by their data security policies. However, these policies are often inconsistently applied due to the introduction of new cloud service URLs, inconsistent policies across firewalls and proxies, and exception sprawl. Skyhigh identifies these policy enforcement gaps and leverages your existing firewall and proxy infrastructure to close them – via user coaching, allowing partial access such as read-only access and blocking.