Skyhigh Networks has announced an extension to their joint business relationship with PwC Australia to help organisations identify, manage and govern risks associated with sanctioned cloud services. Specifically, PwC Australia’s Cloud Governance as a Service (CGaaS) is a holistic managed service that leverages Skyhigh’s Cloud Access Security Broker to provide an end-to-end governance and security platform for enterprise-wide deployments of cloud applications like Office 365, Salesforce, Box, and Dropbox.
“Security leaders know that business goals can be achieved only when the same security principles and governance being applied in-house are also applied to the public cloud. CISOs should recommend (to both business and IT) business-ready cloud services that satisfy security and governance standards.” Gartner, Inc., Mind the SaaS Security Gaps, Craig Lawson and Sid Deshpande, May 19, 2016.
Recognising that cloud use is accelerating, IT, Security and Risk/Compliance leaders are shifting focus from controlling the unknown to strategically leveraging SaaS applications. However, the ability to build a Cloud Governance function within organisations and staff it with appropriately skilled resources is challenging in the current Australian skills-shortage climate. The joint business relationship between Skyhigh and PwC Australia aims to address this and enables the next wave of cloud adoption. “Organisations face a new set of challenges managing risk from thousands of employees on sanctioned cloud platforms,” said Peter Malan, Partner and Australian Digital Trust Leader for PwC Australia. “Even though enterprise cloud providers have made significant investments in security, organisations are ultimately responsible for managing risk from use of these cloud services by internal and external users. Skyhigh Networks and PwC Australia will now deliver risk management at scale for the trusted cloud services organisations use to host their most sensitive data and operations.”
Organisations typically standardise on a handful of Enterprise-Ready cloud providers like Office 365, Salesforce, Box and Dropbox. With sanctioned cloud applications, employees can easily upload, download, and share data across locations, devices, and partner organisations. PwC Australia’s CGaaS can help organisations gain visibility of risk across thousands of employees and millions of transactions worldwide and implement the appropriate governance processes to ensure the risks are adequately managed. PwC Australia’s CGaaS addresses a number of key challenges including some the following:
- Controls that existed internally to secure information may not exist in sanctioned cloud environments or may require manual monitoring, without any means of enforcement. PwC Australia’s CGaaS enables organisations to discover high risk activity and utilise the necessary controls to prevent and remediate those risks. For example, an organisation could detect a DLP policy violation, quarantine the file, and educate the user on corporate policies.
- Organisations can have difficulty achieving compliance with industry or international regulations. With PwC Australia’s CGaaS, organisations can develop and implement the necessary risk and control frameworks to monitor and manage compliance across all sanctioned cloud services. For example, through appropriate risk assessment, an organisation can determine that encryption of data is required using self-managed encryption keys before production data can be put into the cloud service – thereby satisfying local security and data privacy requirements. PwC Australia’s CGaaS enables organisations to make these risk based decisions, and then ensure that the controls are in place and effective to manage this compliance mandate on an ongoing basis.
- Cloud powers mobility in the workplace. With PwC Australia’s CGaaS, organisations can identify and govern the appropriate controls that should be in place to BYOD while still enforcing security requirements. For example, an organisation could allow viewing but prevent downloads on an unmanaged mobile device. This can be monitored in real-time to ensure usage is appropriate and the implemented controls are effective.
“Collaboration and ease of use are fundamental tenets of cloud use, but these attributes can also lead to accidental and unintentional threats when corporate data is involved,” said Chris Cesio, VP of Business Development at Skyhigh Networks. “Companies need to consistently enforce security, compliance, and governance across millions of data transactions across multiple cloud applications. We are delighted to expand our Joint Business Relationship with PwC Australia and provide the CASB platform behind PwC Australia’s CGaaS offering.”
Skyhigh Networks, the cloud security and enablement company, allows enterprises to safely adopt cloud services while meeting their security, compliance, and governance requirements. Over 500 enterprises including Aetna, DIRECTV, General Mills, HP, and Western Union use Skyhigh to gain visibility, manage threats, ensure compliance, and protect corporate data across shadow and sanctioned cloud services. Headquartered in Campbell, Calif., Skyhigh Networks is backed by Greylock Partners, Sequoia, and other strategic investors.
More Information About PwC Australia’s Cloud Governance as a Service
For more information relating to PwC Australia’s Cloud Governance as a Service, please contact Peter Malan, Partner: firstname.lastname@example.org.