By Timothy Gonda, Senior Cybersecurity Solutions Engineer at ECS
Published on July 18, 2018
It’s how we work, what we do: we click, swipe, scroll, upload, download, and share our way through the day, often without a second thought about security. We expect to be secure as we enjoy the convenience of doing business in the cloud, but sometimes it’s our own behavior that creates the most challenging vulnerabilities.
Every so often, we’re stopped in our tracks: an official-looking phishing email gets through the cracks, or a team member uploads information from a compromised source. Now we’re dealing with an insider threat or a compromised account, and the only answer is quick and responsive remediation. That’s where CASBs come in.
A “CASB” (CAZ-bee) is a cloud access security broker: on-premise or cloud-hosted software that sits between cloud service consumers and cloud service providers to enforce security, compliance, and governance policies for cloud applications such as Office365, SharePoint, Salesforce, and even the big players like Amazon and Azure. CASBs help protect corporate data in the cloud. The term “CASB” originated with research giant Gartner, who recently released a Magic Quadrant (the company’s unique research methodology) rating CASB vendors on the market. Gartner calls CASB “the fastest growing security category ever.” Skyhigh Networks was first to market in this space, launching the first CASB in 2012. The cloud security startup was acquired by McAfee in January 2018.
Skyhigh is a CASB market leader earning top placement by key analysts: Gartner, Forrester and IDC. Here are some useful benefits of Skyhigh and why CASBs matter to companies doing business in the cloud:
Skyhigh enforces data loss prevention (DLP) policies across the cloud by incorporating shadow IT, real-time and near real-time protections, and alerting, reporting and preventing DLP compromises.
You can only protect yourself from what you can see. Skyhigh’s shadow IT provides visibility of the cloud services installed and active in your environment and details about who is using the service and for what purpose—all of which help to develop a risk profile for your organization. Also, Skyhigh’s configuration audit service can be leveraged to find potential misconfigurations and risks in your PaaS and IaaS environment.
With team members on the go, personal devices play a part in getting business done. Skyhigh can be configured to block the download of corporate data to personal devices by preventing unauthorized transfers to sources outside of your acceptable environment. To do so, Skyhigh uses state-of-the-art scanning techniques coupled with proven McAfee DLP engine.
Detection precedes remediation. Skyhigh can detect compromised accounts, insider threats, and malware by providing visibility by auditing cloud application logs and homing in on suspicious events.
Audit and tighten the security settings of your cloud services by providing near real-time configuration and auditing of your infrastructure. Spot what your infrastructure engineers missed!
Companies who want the benefit of using the Skyhigh CASB while streamlining their investment have the option of working with a managed service provider (MSP) to host and manage Skyhigh for their teams. MSP solutions provide an unlimited number of policy changes to allow your security strategy to grow with your business. Additional benefits of Skyhigh as a Service include customized reporting and dashboards, engineering support, multi-tier help desk, and 24×7 operation and support.
The ECS cyber team is a McAfee Managed Service Provider delivering Skyhigh as a Service to customers of all sizes, in public sector and commercial markets. Find out more by contacting Andy Woods at andy.woods@ECStech.com.