Skyhigh for Shadow IT



Control Shadow IT Sprawl and Minimize Risk with Skyhigh for Shadow IT

Skyhigh Networks, the world’s leading Cloud Access Security Broker (CASB), delivers a single control point for enterprises to consistently enforce their security, compliance and governance policies across all cloud services (SaaS, PaaS, and IaaS), all users (on-prem, remote, and third party) and all devices (managed and unmanaged).

Skyhigh for Shadow IT

Skyhigh for Shadow IT enables enterprises and governments to take control of employee-led cloud adoption with continuous visibility into all cloud services in use, real-time governance policy enforcement, and threat protection. Organizations use Skyhigh’s Global Cloud Registry of 20,000+ benchmarked cloud services and cloud intelligence from over 30 million users to get visibility into all cloud usage and the risk associated with each cloud service. IT and Security teams use this information to enforce governance policies to permit or block selected cloud services and enforce these policies using existing infrastructure such as proxies and firewalls.

Skyhigh for Shadow IT is a frictionless SaaS solution that requires no hardware, appliances, agents or pac-files, deploys in a few hours and delivers powerful intelligence about cloud usage as well as protection from high-risk cloud services and anomalous user activity. The Shadow IT service is easy to manage with minimal staff resources and integrates seamlessly with existing infrastructure without requiring any rip and replace.

The State of Missouri (case study) uses Skyhigh for Shadow IT to secure 14 agencies and 40,000 end users and enforce HIPAA and FERPA compliance policies. Maricopa County Arizona (case study) uses Skyhigh for Shadow IT to analyze cloud usage, address security gaps, and formulate long-term cloud strategies.

More information on Skyhigh for Shadow IT capabilities can be found in the Skyhigh for Shadow IT datasheet.

Skyhigh for Shadow IT Security & Architecture

Skyhigh provides an extra level of security for customers through our patented technology (U.S. Patent 9571516) and unique architecture. Using this technology, Skyhigh anonymizes sensitive data by tokenizing details such as user names and IP addresses. The tokenization is done either via SHA-1 or HMAC SHA-256 hashing algorithms, the most secure cryptographic standards available today, along with the customer provided salt or secret key. The original data cannot be mathematically reversed without a lookup table, which is stored on the customer’s premises only. This architecture ensures that no one outside of the customers' premises has access to user specific data, not even Skyhigh administrators.

Skyhigh is a Leader in the Cloud Access Security Broker (CASB) Domain

Skyhigh software services are used by over 500 of the world’s leading enterprises, including 40% of the Fortune 500 as well as many federal and state establishments within United States and in other countries. Skyhigh's state and local government customers include State of Missouri, State of New York, State of Ohio, County of Cuyahoga (Ohio), County of Fairfax (Virginia), Maricopa County (Arizona), CalPERS, and Lower Colorado River Authority, as well as many U.S. Federal Agencies and international governments. This adoption and product innovation has put Skyhigh as the leader in the CASB space. This was acknowledged by reputed analyst firm Forrester, when they rated Skyhigh as a ‘leader’ in their recently released The Forrester Wave: Cloud Security Gateways, Q4 2016. (You may download the full Forrester Wave Report with the previous link after a one-time registration).

Skyhigh has imposed several security controls within its solution to protect the privacy of customer data. Skyhigh is the first and only CASB to be FedRAMP certified and enables agencies to meet requirements of regulations such as FISMA, PCI, HIPPA, IRS 1075, FIPS 140-2, and FITARA. Skyhigh is also ISO 27001/27018 certified, and stores no customer data in our cloud.

Skyhigh Product Line

Skyhigh offers the following products for enterprises to secure their cloud usage:

  • Skyhigh for Shadow IT
  • Skyhigh for Office 365
  • Skyhigh for Box
  • Skyhigh for Salesforce
  • Skyhigh for Slack
  • Skyhigh for Amazon Web Services
  • Skyhigh for Custom Applications
  • Skyhigh for Dropbox
  • Skyhigh for ServiceNow
  • Skyhigh for Google Drive

Cloud Security Use Cases

  • Cloud Visibility: Skyhigh discovers all cloud services in use by employees, including thousands of cloud services uncategorized by firewalls and web proxies.
  • Cloud Governance: Skyhigh enforces governance policies based on cloud service groups. infrastructure.
  • Compliance: Skyhigh enforces DLP policies across data at rest and in motion to ensure compliance with regulations and internal policies.
  • Activity Monitoring: Skyhigh provides a centralized dashboard to analyze high-risk activity across all cloud services, drill into incidents, and perform forensic investigations with a complete audit trail of all user activity.
  • Threat Protection: Skyhigh analyzes cloud activity across multiple heuristics, developing an accurate and continuously updated model of user behavior that detects threats associated with insiders, privileged users, and compromised accounts.
  • Encryption: Skyhigh delivers end-to-end structured and unstructured data encryption using a multimode approach that protects data as it is uploaded to the cloud as well as data already stored in cloud services.
  • Access Controls: Skyhigh enforces granular permissions for activity within cloud services based on contextual factors such as the cloud service, user, device, attempted action, and location in addition to simple coarse-level policies to allow/block access. Skyhigh integrates with Mobile Device Management (MDM) solutions to enforce device-based access controls such as allowing read-only access when sensitive documents are being accessed from unmanaged devices.

Shadow IT Starter Kit

Skyhigh for Shadow IT requires a one-time pre-packaged start up service required for new Shadow IT deployments. This is a light lift for staff resources and includes deployment, configuration and integration with customer infrastructure as needed such as firewalls, proxies, Active Directory, tagging by departments or groups etc.

Shadow IT Training & Technical Support

Skyhigh for Shadow IT SaaS includes on-going training for new or existing staff, all upgrades and technical support 24/7 for the full duration of your license.

Pricing, Ordering, Questions & Contact

Skyhigh for Shadow IT is available to all Multi-State Information Sharing and Analysis (MS-ISAC) members, as well as other state, local, tribal and territorial governments, nonprofit organizations, and public education and healthcare institutions at least 25% off the regular price through CIS CyberMarket. For questions, product, or pricing information, contact or call the CIS CyberMarket team at 518-880-0770.

For additional product documentation, whitepapers, case studies, videos, etc., please visit:

CIS CyberMarket logo

Have a question?
Need pricing details?
Contact us: 518 880 0699