Cloud Security Service
The bring-your-own-cloud-app trend with apps like Salesforce.com, Dropbox, Office 365, NetSuite and hundreds of others has created challenges for IT that cannot be addressed by traditional perimeter security and endpoint controls.
Imperva Skyfence Cloud Gateway is a cloud access security broker (CASB) that provides visibility and control over sanctioned and unsanctioned cloud apps. Organizations can use this cloud security service to discover SaaS applications in use and assess related risks. They can also enforce controls to prevent account-centric threats, meet compliance requirements, and protect user accounts and data in the cloud. With Imperva Skyfence, users get the apps they want and IT gets the visibility and control they need.
Visibility and Control for Cloud Apps
Cloud services including email, file sharing, CRM, financials and HR apps reduce costs for organizations but can introduce significant risks to critical information assets. As sensitive and business-critical data moves to the cloud, Skyfence Cloud Gateway helps organizations:
- Enforce consistent policies across cloud apps and immediately detect and protect against account takeovers
- Analyze cloud app risks, monitor user activity and access to sensitive data
- Detect and protect against attacks based on anomalous behavior
- Prevent data leaks and control how sensitive data is shared in the cloud
Discover Shadow IT and Unsanctioned SaaS Apps
Skyfence Cloud Gateway discovers and catalogs all cloud apps accessed by users—both sanctioned and unsanctioned. This cloud access security broker lets organizations view summary statistics on apps, users, data volume, and overall risk. Additionally, baseline and drill-down views and powerful on-screen filtering help security managers quickly view, assess, and remediate risks.
Risk metrics such as the status of service provider audits (e.g., SSAE 16), compliance requirements (e.g., PCI AoC) and many other critical criteria are consolidated and measured so organizations can use the risk score of each app to prioritize their app migration efforts and ensure users are safe and productive.
The non-intrusive process does not require any installation of agents or changes to applications.
Identify Security and Compliance Gaps
Skyfence Cloud Gateway extends traditional cloud app discovery information by including specific, contextual risk factors of an organization’s use of cloud apps to provide the most accurate risk assessment available today. By providing visibility over inactive, orphaned (ex-employees), and external (partners and contractors) accounts and benchmarking current app configurations against security best practices and applicable regulations, IT can more easily pinpoint their security and compliance gaps and take appropriate action.
Monitor and Analyze All User and Administrator Activity
Skyfence Cloud Gateway gives organizations the operational intelligence they need for a comprehensive evaluation of cloud risk. This cloud security service goes beyond app discovery to provide detailed risk and analytics of user, app and endpoint usage while generating consistent user activity logs for your entire cloud environment. Skyfence provides a scalable solution to monitor and analyze activity no matter how many services are in use and provides critical insight and intelligence into:
- Data usage: Who viewed or modified what, when, and how often
- Administrator activity: Including settings, permissions, and data access
- API activity: Cloud app and services data accessed through APIs
Skyfence has ready-to-go enterprise integrations that make it simple to integrate with enterprise directories, Single Sign-On providers, and market-leading SIEM and MDM solutions.
Detect anomalies and insider threats
Skyfence continuously monitors user behavior across cloud apps, automatically detecting high-risk or anomalous activities indicative of insider threats. Out-of-the-box integration with Imperva CounterBreach provides a unified view of anomalies and threats to enterprise database tables, files stored in file shares, and data stored in cloud apps. And through ThreatRadar IP Reputation for Skyfence, you can correlate activity anomalies with risky IP addresses, making for more accurate threat detection.
Protect User Accounts and Data in the Cloud
Skyfence Cloud Gateway provides security controls for all your cloud apps, including data leak prevention, automatic anomaly detection, enforcement of risk-based multi-factor authentication, and granular controls over data proliferation and file sharing, including for unmanaged devices. Skyfence enables organizations to automatically enforce these security policies across all their cloud services while actually accelerating access to cloud apps.