Shadow IT: More Cloud Discovery Tools Come to Market – Security Analysts are being Automated

Skyfence_01_375In February I covered a product called SkyHigh Networks, that discovers Cloud Applications in use by an organisation via looking at logs, gave them a risk assessment, and managed them to a degree. Well, now there are at least two more products in the wild, one upgraded, showing that this slice of the software market is heating up.

Ed: Please note, SkyHigh do still offer a free service. See comments.

ICT needs to get away from saying “no” to it’s business customers and start becoming a service broker instead with a good tool set of options to suit any occasion or business need. ICT organisations that have consistently said “no”, often driven in the past year by security contractors, find themselves increasingly irrelevant as the business simply goes out and buys their own IT Cloud based solutions.

If there was any proof that we needed, as ICT workers, to change our operating model to service broker, then this is it. There is no point railing against the business in this regard, in fact, it should be quietly encouraged as it does spawn innovation.

Up until recently SkyHigh Networks has been the undisputed king of managing Cloud services but the original company, CipherCloud, looks to have leap-frogged that product set and a new player, free to use, is in the market as well, proving that this is a hot area and will continue to be so over the next couple of years.

If we go back eighteen months then the hot product was personal encryption. It grew spectacularly fast until we had a mature, evolved market. Cloud service discovery and management is the new frontier with companies and products appearing at a vast rate of knots, because trying to manage these manually, through the use of hands on security consultancy, is very expensive and very, very slow.

Security analysts and consultants are being automated extremely quickly as the market wakes up to this opportunity.

CipherCloud and SkyHigh Networks do much the same thing, up to a point. SkyHigh Networks used to provide a “first hit is free” service that gave you a snapshot of your Cloud services, I am not sure they still do. Cipher Cloud do provide a free first assessment.

Regardless, you shouldn’t be paying for the first review of your Cloud Services. Skyfence allows you to download the software for free and try it yourself immediately.

The services discover what is being used, run it through a risk process, identify high-risk services & who is using them, and then ongoing to manage higher levels of security such as encryption to allow safe usage of hand-picked Cloud services.

CipherCloud’s cloud encryption gateway uses AES 256-bit encryption, FIPS 140-2 validated, and featuring  the highest commercially available level of encryption. AES (Advanced Encryption Standard) was established by the U.S. National Institute of Standards and Technology (NIST) and is widely deployed by government and private organizations globally. AES is a symmetric-key algorithm, using the same key is used for both encrypting and decrypting the data, providing high performance and scalability. – Source

Cipher Cloud provides heavy encryption and also tokenization, an interesting technology that allows you to get around data sovereignty rules, for certain services, and provides a very high level of security for sensitive data. This is where Cipher Cloud started. Recent product upgrades have seen integrated Malware tools as well.

For organizations with strict data residency requirements, CipherCloud provides the ability to retain specific sensitive data on-premises while using cloud-based applications. Tokenization substitutes randomly generated values for the original data, which never leaves the enterprise.

Skyfence has just entered the market in recent times with similar products, though perhaps a little less wide in their coverage. The nice thing about Skyfence is that you don’t need to talk to them to get your free audit, you can download the tool directly from the website and do it yourself. This is an excellent option for an organisation that doesn’t want to deal through a sales transaction initially.

Skyfence has a product set with limitations that remains free forever and you can also trial the full enterprise system. I suspect for most government agencies and New Zealand companies this would be more than adequate.

Now there are other products out there as well, though they tend to be Cloud specific. For example, Azure discovery or similar.

What is certain is that security is being automated and this market is now competitive giving us various options for discovering and managing what the organisation is consuming with Cloud.


  1. Hi Ian,

    Just thought I’d offer some clarification on a few points:

    Skyhigh does indeed still offer a free cloud assessment of our service, and we will continue to do so – anyone can request a free assessment via our website.

    In terms of the free software Skyfence provides: many of our customers have indeed tried it, and then still chosen to purchase Skyhigh. The reason is not just the difference in the number of cloud services that we can discover; it’s also the depth of information that we provide through our registry, combined with our big data and behavioural analytics.

    I would strongly encourage all companies to do their due diligence and evaluate as many CASB vendors as possible. We’re very confident that customers will see the difference in value that Skyhigh can provide.

    Best regards,
    Tim Stead
    Systems Engineering Manager, Skyhigh – ANZ

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: