Skyhigh Targets Cloud Adoption Challenges With Three Breakthrough Cloud-Native Data Security Innovations

October 24, 2017 Off By David
Grazed from Skyhigh

At the company’s first-ever livestreamed Cloud-Native Data Security Summit at 10 a.m. PDT today, Skyhigh, the cloud security company, will unveil three innovations that enable organizations to protect data in the cloud. These new breakthroughs aims to solve unique security challenges that the scale, speed and user-centric nature of the cloud present, and thus enable organizations to leverage the power of cloud to accelerate their businesses.

Data is an organization’s most valuable asset. As organizations strive to identify, control and protect data in the cloud, and a world in which traditional network-centric security technologies become less relevant, they must reframe their security strategy to focus on securing data natively in the cloud. This is the foundational premise of Skyhigh’s Cloud-Native Data Security (CNDS) framework.

"Today, we are in the age of cloud. And within the persistent ebb-and-flow of information, security needs to empower IT to provide data protection without disrupting the breakneck speed of modern business," said Mauro Loda, Chief Cloud Security Architect, DuPont. "With a CNDS approach, we can enforce security policies like data loss prevention (DLP), rights management, data classification, threat protection and encryption through a single security platform designed in the cloud, for the cloud."

To help businesses surmount cloud-scale challenges, Skyhigh will introduce three new technologies into its CNDS framework:

  • Autonomous Remediation. At the average enterprise today, there are 387 cloud security incidents each month per analyst, overwhelming already maxed-out security operations center (SOC) resources. With Skyhigh’s Autonomous Remediation, when a user performs an IT policy violation wherever they might be working – email, Slack or Microsoft OneDrive, for example – they are immediately alerted in the application and provided instructions to help quickly correct the issue. When coached to take action, users correct issues 97 percent of the time and reduce monthly reported cloud incidents from 387 to 12, freeing SOC analysts to focus on more urgent security investigations.
  • Cloud Email DLP. Exchange Online is the most popular cloud application in the world. Traditional email DLP systems are not in a position to scan the email message and an attachment stored in OneDrive, thus becoming less relevant to email in a cloud world. Skyhigh’s Cloud Email DLP scans both the message and cloud attachments for DLP violations with a consistent policy across Exchange Online and OneDrive, and also other Office 365 services like SharePoint Online, Microsoft Teams and Yammer. In addition to a unified DLP policy, Skyhigh also offers a consistent remediation workflow across all of the sharing and collaboration that occurs natively in Office 365’s various products, as well as other collaboration services like Box, Dropbox, Google and Slack.
  • Lightning Link. There are two primary ways cloud security solutions enforce controls today – either by sitting ‘in-line’ and intermediating the connection between the user’s device and the cloud service, or by connecting directly to the cloud service via an application protocol interface (API). When choosing between in-line and API models, IT security teams face the "cloud security dilemma": either choose an API model, which offers complete coverage including natively created content and access from unmanaged devices, but which can enforce policies only after-the-fact and not in real-time; or choose an in-line model, which enforces policies in real-time but only offers incomplete coverage, missing content created natively in the cloud, content pre-existing in the cloud and access from unmanaged devices. Skyhigh Lightning Link solves this cloud security dilemma, providing the complete coverage of an API model with the real-time enforcement of the in-line model.

"Skyhigh’s CNDS technology is helping Caesars Entertainment operate at the highest level of integrity, while protecting our valuable company data as we move from legacy applications to cloud-based application platforms," said Les Ottolenghi, Executive Vice President and CIO, Caesars Entertainment. "This system allows us to access data from a variety of devices, while evolving our security to meet the increasingly complex demands of a new cloud-native era."

The new technologies, all available today in Skyhigh Security Cloud, represent a major breakthrough for the CASB market, which analysts describe as one of the fastest growing security categories in history. Since introducing the radical idea of a single control-point for all cloud activity five years ago, Skyhigh’s CASB platform has grown to deliver security policy enforcement, automation and intelligence to billions of cloud transactions every hour, across many of the largest organizations in the world.

"Data is the lifeblood of all businesses, and cloud services allow organizations to collect, analyze and share data to accelerate the business. Organizations require a security platform that protects data in the cloud, thus enabling the secure adoption of cloud, not a patchwork of legacy, network-centric security technologies blind to the sharing of data in the cloud," said Rajiv Gupta, CEO, Skyhigh. "A security platform for the cloud has to be data-centric and cloud-native: designed for the scale, speed and user-centric nature of the cloud. The Skyhigh CNDS framework and the three critical technologies we are releasing today enable organizations to securely adopt cloud to accelerate their business."