Skip to main content
Back to Blogs

Industry Perspectives

Minimizing Cloud-based Shadow IT Risks

May 11, 2023

By Shawn Dappen - Director, Systems Engineering, Skyhigh Security

One result of the recent pandemic is that many enterprises are moving to leverage the benefits of cloud-based applications and data. Over the past three years, the average number of public cloud services in use increased 50%. However, they are naturally concerned that the cloud is an environment with many nefarious actors, both at home and abroad, endeavoring to compromise sensitive data for their own malign purposes. In addition, shadow IT–where employees utilize cloud services without IT approval or involvement–increases the risk of data breaches. As a result, today’s post-pandemic environment is a complex mix of remote and hybrid workplaces with remote workers accessing cloud applications, public cloud environments, and private access networks, from various locations, none of which may be under IT’s direct control.

This is one reason why the Zero Trust Maturity Model (ZTMM) Version 2, recently released by the Cybersecurity and Infrastructure Security Agency (CISA), is so important.

Zero trust is designed to “prevent unauthorized access to data and services coupled with making the access control enforcement as granular as possible.”

This fundamentally underscores Skyhigh Security’s vision to protect the world’s data.

Because traditional security solutions are insufficient in this environment, ZTMM focuses on five pillars: Identity, Devices, Networks, Applications and Workloads, and Data, each which evolves over time in discrete stages, beginning with “Traditional”, then moving to “Advanced” and finally achieving “Optimal.”

Version 2 extends ZTMM by adding a new “Initial” stage between Traditional and Advanced, highlighting the fact that different organizations begin their journey toward zero trust from different starting points. Enterprises then use the criteria for each stage to identify the level of maturity associated with each pillar, improving understanding of areas of concern and increasing consistency across the entire model.

The Skyhigh Security Service Edge Portfolio aligns with ZTMM in a number of key ways. It includes Skyhigh Secure Web Gateway, Skyhigh Cloud Access Security Broker, Skyhigh Private Access and other products, integrated into a comprehensive cloud platform, with Data Loss Prevention as a core capability orchestrated across the web, cloud and private apps. This technology works together to protect sensitive data by ensuring that sensitive data is kept secure regardless of who is accessing it, what device they’re using to access it, or which network they’re accessing it from.

But a big concern with zero-trust security is how to implement it without hobbling employee access to data and negatively impacting their productivity. This is why we developed sophisticated, yet simple-to-manage solutions to protect data. By enabling a precise understanding of who is using data, and how they are accessing it, enterprises of all sizes can optimize and enforce zero trust rules without impacting productivity by enforcing overly restrictive access policies.

The shift to remote and hybrid workplaces, coupled with the increasing use of unmanaged devices by employees (our internal research reveals that six in ten organizations allow employees to download sensitive data to personal devices), makes it more important than ever to have a security solution that is both robust and flexible. Skyhigh Security is committed to cutting edge leadership of the latest security standards and frameworks, such as ZTMM Version 2. Our cloud platform does just that by enabling our customers to employ a multi-pronged, coordinated approach to security that protects sensitive data regardless of who is accessing it, what device they’re using or where it is being accessed from.

For more information on how Skyhigh Security helps federal government agencies and government contractors adopt cloud technologies to improve efficiency, support agility and reduce costs, visit our certifications page, or request a demo. 

Back to Blogs

Related Content