Visibility and Control for Cloud Apps

The bring-your-own cloud app trend with apps like Salesforce.com, Dropbox, Office 365, NetSuite and hundreds of others has created a blind spot for IT that cannot be addressed by traditional perimeter security and endpoint controls. Imperva Skyfence Cloud Gateway is a cloud access security broker that provides visibility and control over sanctioned and unsanctioned cloud apps. Organizations can discover SaaS applications in use and assess related risks, enforce controls to prevent account-centric threats, meet compliance requirements, and protect user accounts and data in the cloud. With Imperva Skyfence, users get the apps they want and IT gets the visibility and control they need.

Key Capabilities

VISIBILITY AND CONTROL FOR CLOUD APPS

skyfence

Cloud services including email, file sharing, CRM, financials and HR apps reduce costs for organizations but can introduce significant risks to critical information assets. As sensitive and business-critical data moves to the cloud, Skyfence helps organizations: Enforce consistent policies across all apps and immediately detect and protect against DDoS attacks and account takeovers Analyze app risks, monitor user activity and access to sensitive data Enforce consistent policies across all apps and immediately detect and prevent attacks based on anomalous behavior Prevent data leaks and control how sensitive data is shared in the cloud

DISCOVER SHADOW IT AND UNSANCTIONED SAAS APPS

skyfence

Skyfence discovers and catalogs all cloud apps accessed by users both sanctioned and unsanctioned. Organizations can view summary statistics on apps, users, data volume, and overall risk. Additionally, baseline and drill-down views and powerful on-screen filtering help security managers quickly view, assess, and remediate risks. Risk metrics such as the status of service provider audits (e.g., SSAE 16), compliance requirements (e.g., PCI AoC) and many other critical criteria are consolidated and measured so organizations can use the risk score of each app to prioritize their app migration efforts and ensure users are safe and productive. The non-intrusive process does not require any installation of agents or changes to applications.

IDENTIFY SECURITY AND COMPLIANCE GAPS

skyfence

Skyfence extends traditional cloud app discovery information by including specific, contextual risk factors of an organization's use of cloud apps to provide the most accurate risk assessment available today. By providing visibility over inactive, orphaned (ex-employees), and external (partners and contractors) accounts and benchmarking current app configurations against security best practices and applicable regulations, IT can more easily pinpoint their security and compliance gaps and take appropriate action.

MONITOR AND ANALYZE ALL USER AND ADMINISTRATOR ACTIVITY

skyfence

Skyfence gives organizations the operational intelligence they need for a comprehensive evaluation of cloud risk. Skyfence goes beyond app discovery to provide detailed risk and analytics of user, app and endpoint usage while generating consistent user activity logs for your entire cloud environment. Skyfence provides a scalable solution to monitor and analyze activity no matter how many services are in use and provides critical insight and intelligence into:

  • Data usage: Who viewed or modified what, when, and how often
  • Administrator activity: Including settings, permissions, and data access
  • API activity: Cloud app and services data accessed through APIs

Skyfence has ready-to-go enterprise integrations that make it simple to integrate with enterprise directories, Single Sign-On providers, and market-leading SIEM and MDM solutions.

PROTECT USER ACCOUNTS AND DATA IN THE CLOUD

skyfence

Skyfence provides security controls for all your cloud apps, including data leak prevention, automatic anomaly detection, enforcement of risk-based multi-factor authentication, and granular controls over data proliferation and file sharing, including for unmanaged devices. Skyfence enables organizations to automatically enforce these security policies across all their cloud services while actually accelerating access to cloud apps.