Skyhigh Networks provides first stop in cloud security

A file sent from a mobile device to Box can first be inspected by Symantec, McAfee, EMC RSA data-loss prevention systems.

Skyhigh Networks Wednesday aired an offering that lets companies using the Box file-sharing service first have files checked for compliance by their existing data-loss prevention (DLP) equipment.

“While Box does have some DLP itself, this is more than Box can provide,” claims Rajiv Gupta, CEO at Skyhigh. He points out that corporations have made huge investments in their on-premises DLP gear and what Skyhigh has done is integrate its data-governance service so that files sent to authorized Box accounts by mobile device users, for example, can be approved or blocked via the company’s existing DLP systems first.

Skyhigh anticipates similar on-premises DLP integration with cloud-based services, including Salesforce.com and ServiceNow.

+ ALSO ON NETWORK WORLD This is what the new hybrid cloud looks like +

 The DLP angle is important and interesting because Skyhigh, “rather than re-invent the wheel” in terms of DLP, has coordinated a hand-off of files between Box and the on-premises DLP gear that customers already have, says Neil MacDonald, a Gartner analyst. This helps to overcome “a huge blind spot” that companies often face in cloud-based file-sharing,” he adds.

Skyhigh is among a new breed of “cloud-access security brokers,” according to MacDonald. There are several others, mainly start-ups, including Netskope, Adallom, Bitglass, Elastica, Cloud Compare and Skyfence (acquired by Imperva). MacDonald says he hasn’t seen the kind of DLP integration that Skyhigh is shooting for among others.

GE Chief Technology Officer Larry Biagini issued a statement in support of the Skyhigh and Box partnership, saying it was delivering “data governance and secure collaboration capabilities critical to GE, our employees, customers, and partners worldwide.”

Shyhigh’s service for Box can also:

  • Enforce collaboration controls that define how documents can be shared externally based on attributes such as domains.
  • Let administrators enforce authorized access to Box based on geography.
  • Use data analytics to identify behavior indicative of compromised accounts or insider threats across all accounts within the Box environment.
Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies