Enable cloud services in demand
Skyhigh visually summarizes access patterns over time, including which users and departments use which cloud services and where corporate data is flowing. Pre-built and custom reports provide insight into cloud services in demand by end users so IT can proactively enable the business with tools that drive productivity.
Quantify risk from cloud usage
Skyhigh calculates a personalized enterprise Cloud Risk Score based on the risk of cloud services in use and user activity. Cross-department and industry benchmarks enable you to assess the level of risk across the company and with peers. Track changes to risk over time to quantify the impact of enforcement actions.
“Skyhigh is unique in the marketplace because it allows us to understand our cloud footprint and enforce appropriate use policies around cloud services.”
“Skyhigh gives us the visibility we need to monitor web service usage, block high-risk services and coach users to enterprise-ready alternatives.”
“What we needed was visibility. We really had to answer the tough questions: what are we using the cloud for, what's our data doing, where's it moving to, and who has access to it?”
“Skyhigh provided granular visibility into what our users were doing and the ability to provide policy controls for different business units.”
“Skyhigh has helped us provide better service. I can change my approach from blocking to one of detect, respond, and educate.”
Accelerate cloud service security assessments
Comprehensive cloud registry
Skyhigh’s Service Intelligence Team maintains a comprehensive and continuously updated registry of over 20,000 cloud services that classifies services into over 30 granular categories. As new cloud services come online and services add new URLs, Skyhigh tracks changes in a central database available to all customers.
Customizable risk assessments
Skyhigh performs detailed risk assessments on cloud services across 50 attributes of enterprise readiness and calculates a 1-10 CloudTrust Rating. By selecting attributes of risk that are most important, IT security teams can generate customized risk ratings tailored to their organization’s requirements.
End-to-end governance workflow
Skyhigh’s governance workflow enables IT security teams to track user requests, view historical approval decisions, evaluate cloud services using Skyhigh’s Cloud Registry, and notify end users of approval decisions automatically. As cloud providers introduce new security capabilities that decrease risk, Skyhigh flags these changes so IT security teams can re-evaluate a previously requested service.
Granular policies and coaching
Skyhigh’s governance workflow enables IT teams to categories all services as approved, permitted, or denied and enforce granular access policies for each. Enforcement actions include coarse-level allow/block and fine-grain actions such as allowing users to access the service and view content, but disabling post or upload actions. Skyhigh can display real-time coaching messages directing users to an approved alternative if they attempt to access a prohibited service.
Identify sensitive data uploaded or shared outside of policy
Skyhigh scans cloud services to identify sensitive or regulated data that was uploaded outside of corporate policies. Skyhigh can also identify overly broad sharing permissions and shared links that create a risk of data loss.
Find and close policy enforcement gaps
Skyhigh discovers gaps in firewall and proxy policy enforcement due to incomplete categorization, newly introduced cloud provider URLs, inconsistent policies across egress infrastructure, and overly broad exceptions and integrates with your existing firewalls and proxies to eliminate these enforcement gaps.