Start-up tracks risky security behavior in the cloud

Start-up Skyhigh Networks today introduced a service aimed at tracking risk associated with enterprise use of about 2,000 cloud services, in order to spot any rogue cloud services or to identify high-risk exposure that cloud use might bring to the enterprise.


"Cloud is top of mind for CIOs and a bit of a concern because they can't control it as well," says Rajiv Gupta, CEO of Cupertino, Calif.-based Skyhigh, which he founded in 2011 with Sekhar Sarukkai and Kaushik Narayan. Because business managers sometimes bypass the IT department altogether to order cloud-based services, the CIO and staff can be left in the awkward position of not even knowing where corporate data is headed.

But the cloud-based service from Skyhigh is intended to get a bead on what's happening and correlate that information with about 50 cloud-risk parameters to understand what might be considered "high risk" to the corporation using them.

The basic technique that Skyhigh uses is to collect logs from firewalls and perimeter gateways to learn which URLs or IP addresses associated with a cloud service employees are trying to access, while also coming up with a risk score for that service. Cloud services would be ranked according to several risk factors that include "is it multi-tenant, can I use an enterprise ID, does it do penetration testing," Gupta says.
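A minimal sketch of the log-based discovery described above, as an added example that is not Skyhigh's code or part of the original article: it matches destination hosts in gateway logs against a service catalog and scores each service on the three risk factors Gupta names. The log format, catalog entries, `.example` domains and weights are all constructed assumptions.

```python
from collections import defaultdict

# Hypothetical service catalog (constructed). The three attributes are the risk
# factors quoted in the article; the weights are assumptions for illustration.
CATALOG = {
    "filedrop.example": {"category": "storage", "multi_tenant": True,
                         "enterprise_id": False, "pen_tested": False},
    "crmsuite.example": {"category": "CRM", "multi_tenant": True,
                         "enterprise_id": True, "pen_tested": True},
}
WEIGHTS = {"multi_tenant": 2, "no_enterprise_id": 4, "no_pen_test": 4}

def risk_score(attrs):  # higher is riskier; 0..10 with the assumed weights
    return (WEIGHTS["multi_tenant"] * attrs["multi_tenant"]
            + WEIGHTS["no_enterprise_id"] * (not attrs["enterprise_id"])
            + WEIGHTS["no_pen_test"] * (not attrs["pen_tested"]))

def match_service(host):  # match on a label boundary, not a raw substring
    host = host.lower().rstrip(".")
    for domain in CATALOG:
        if host == domain or host.endswith("." + domain):
            return domain
    return None

def discover(log_lines):
    """Aggregate users and bytes per catalogued service from gateway logs."""
    found = defaultdict(lambda: {"users": set(), "bytes_out": 0})
    for line in log_lines:
        fields = line.split()
        if len(fields) != 4 or not fields[3].isdigit():
            continue  # skip malformed records rather than abort the batch
        _ts, user, host, sent = fields
        service = match_service(host)
        if service:
            found[service]["users"].add(user)
            found[service]["bytes_out"] += int(sent)
    report = [{"service": s, "category": CATALOG[s]["category"],
               "risk": risk_score(CATALOG[s]), "users": len(v["users"]),
               "bytes_out": v["bytes_out"]} for s, v in found.items()]
    return sorted(report, key=lambda r: r["risk"], reverse=True)

# Constructed log lines: timestamp user destination-host bytes-sent
SAMPLE_LOG = [
    "2024-01-15T09:01:07Z alice upload.filedrop.example 52340",
    "2024-01-15T09:03:44Z bob upload.filedrop.example 1800",
    "2024-01-15T09:05:10Z carol app.crmsuite.example 640",
    "2024-01-15T09:06:31Z dave notfiledrop.example 99",
    "truncated record",
]
```

Calling `discover(SAMPLE_LOG)` returns one row per catalogued service, highest risk first; hosts that match no catalog entry are ignored here, though in practice they are the ones worth reviewing for additions to the catalog.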

All of this monitoring information is batched and sent to a dashboard for review by the IT department in order to gauge the risk to the organization. Another aspect of the service seeks to ensure encryption of data, Gupta says. The service, priced at about $2 to $10 per employee per month, has been in pilot with Torrance Memorial Medical Center, Cisco and data-hosting firm Equinix.

Brian Lillie, CIO of Equinix, says his organization, which started piloting the Skyhigh service last fall, is finding it a good way to discover and manage cloud services, though he doesn't use it at this point to block.

"We have taken action based on it," says Lillie, adding that the tool helped pinpoint a cloud service that some inside the organization had turned on and that needed to be discussed in terms of risk. Finding out through monitoring made that discussion much easier than just hearing about it in passing.

"It's a dashboard with visibility," Lillie says about using Skyhigh. "It's about knowing that you don't know." Cloud services of all varieties are now a way of life and productive for the enterprise, which can no longer be seen as "the castle with the moat around it," he points out.

Skyhigh's service classifies cloud services into types, such as storage or CRM, and there's a risk-scoring method that is helpful to the CIO and the information security manager, he notes. While Equinix also finds Websense to be a great tool for enterprise monitoring, it's required scripting to do the kind of cloud discovery process that Skyhigh is focused on. Lillie says he finds Skyhigh augments the Websense monitoring he does very well.

Forrester analyst Chenxi Wang says she's not aware of any service similar to Skyhigh's.

"What they did is essentially productized what people have been doing manually (and not very successfully). I think it addresses an immediate pain point," she commented. "Many enterprises would have need for a service like this, so they can understand better their risks associated with the use of cloud services and begin to manage that risk."

Gupta says he doesn't find it particularly unusual to see companies with "more than 200 cloud services, some more than 1,000" these days.

Skyhigh Networks also disclosed that it has $6.7 million in venture-capital funding, with Greylock accounting for $6.5 million of that.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE.
