March 5, 2013
One trait of cloud computing that has IT departments shaking in their boots is the face that since cloud services can often been purchased by end users on a credit card, it is often very difficult for central IT to have any sort of meaningful visibility over the different applications that are used. Indeed one of the main reasons cited for blocking the adoption of cloud is this “rogue IT” tendency.
It’s for this reason that services that promise to discover, analyze and ultimately control cloud services are gaining much attention at the moment – a case in point is Skyhigh Networks who launched recently with backing from one of the Valley’s most venerable VC firms, Greylock. Founded by a group of Cisco veterans, Skyhigh gave its first public glimpse at the RSA conference. Skyhigh is more than just a pretty PowerPoint deck to illustrate a concept however, it already has customers willing to go on record as using the product – including Cisco, Equinix, General Electric and the Torrance Memorial Medical Center.
So what can Skyhigh do? Core capabilities include:
- Discovery: Log-based discovery and objective, customizable risk assessment of all cloud services in use by employees
- Analysis: User, service, device, and data behavioral modeling and anomaly detection, utilization, benchmarking, and trending of all cloud service use
- Control: three-click intermediation of selected cloud services for access control and encryption of data with enterprise-owned keys
At launch, Skyhigh enabled a cloud-based, multi-tenant service integrated with over 2,000 cloud services in over 30 categories such as storage and collaboration (e.g., Box.com), productivity (e.g., Microsoft Office 365), source code versioning (e.g., GitHub), and CRM (e.g., Salesforce.com). In one swoop – Skyhigh provides a compelling answer to most of the issues IT generally raises about cloud computing – visibility, security and control. Rather than extended public testing phase, Skyhigh is sufficiently sure about its product that it came out of stealth and directly went into general availability. So how does it work? From the website:
In minutes, the Skyhigh service discovers all cloud services being accessed and provides detailed ratings on the potential risks to the enterprise presented by each service. These detailed ratings are based on an objective weighted assessment of more than 30 security and legal risk factors. Leveraging a proprietary processing engine powered by Hadoop, the Skyhigh service analyzes all cloud service usage and detects anomalies that may indicate potentially harmful use or information leakage. It compares actual use of services with paid subscriptions, enabling organizations to slash their costs and eliminate unwanted or redundant services.
I’ve written many times previously about enterprises be unwilling to hand over control of services to third party vendors – cloud storage and collaboration is a good example where, despite many vendors efforts to build security into their products, enterprises feel uncomfortable with data leaving their control. By using Skyhigh as an intermediating services, the enterprise can ensure that in all cases, even when stored with third party vendors, encryption remains consistent and in the control of the organization. This concept might not be overly palatable to the storage vendors themselves – who gain part of their value proposition by both reducing storage costs through deduplication and aggregating data and deriving insights from it for customers – but for organizations who want control to remain closely held by themselves – it’s a good solution to the conundrum they face.
Co-founder Rajiv Gupta is obviously effusive in articulating the value of what Skyhigh is doing:
For the first time, enterprises can take advantage of the cloud without treating it as a threat and having it become Shadow IT… We give enterprise IT organizations immediate visibility, insight, and control so that they can enable cloud service adoption without friction to the employee or the provider
While he’s obviously biased, if one abstracts this away from being a comment about Skyhigh in particular, and looks at it more generally as a comment about cloud discovery, analysis and control solutions, the comment rings true.
Skyhigh is an excellent companion tool to single sign on and other broad offerings that straddle the different services that enterprises use, as such it comes into the watch of vendors looking to become broad-based cloud vendors – I’d not be surprised to see one of those vendors snatch Skyhigh up n a move designed to further lessen IT barriers to adoption of cloud services.