I'm comparing CloudLock to Skyhigh and am looking for more details about the solutions. Specifically, I need more info about policy enforcement.
Which solution do you recommend?
I suggest you CipherCloud rather, Ciphercloud provides awesome solution for cloud security, they are the market leaders in cloud security area. Ciphercloud had two product lines
1. encryption gateway and other
2. cloud discovery.
Regarding cloud discovery
They look for lot of vulnerabilities,threats,attacks and insecure ciphers,protocols stuff. they are checking for more than 100 such attributes, which includes the latest attacks released by gatner as well like logjam,pci-dss and all. Its and awesome tool to solve the SHADOW IT problem, provides the risk score for more than 20k+ cloud apps in the scale of 1-10 in security,privacy,compliance and environment modules.
Coming to Policy enforcement :
This tool greatly increase enterprise security since it looks for all the security protocols, SSLV2,V3,TLSV1,TLSV11,TLSV12 and DLSV13.
They allow access decisions to be based on an endpoint's identification as a trusted participant in the organization, no matter where the endpoint is located.
I have built a similar product as such cloud discovery which i can sell you for minimum cost. Please let me know if interested.
For more information contact me :
Phn : 9949536918
id : firstname.lastname@example.org
I have not worked with or reviewed Skyhigh, but I am a big fan of CloudLock. Both the products and the company. They are hugely responsive to input and have a fast development lifecycle. With the new product, policies can be very granular and have multiple response actions to use as the admin refines the parameters to the point they want to implement full enforcement.
Thank you for your valuable reply
That is great question, and I applaud you for being a front runner in understanding that security in the Cloud is becoming a real concern. Elastica is a tier 1 competitor in line with both CloudLock and Skyhigh, we've recently partnered with Cisco as their official Cloud security provider.
Elastica focuses on the entire attack life cycle of before during and after. First step is monitoring the activities of the user, then automatically scanning and classifying compliance related documents. In this way, we give you the flexibility to build and enforce policies such as "anything in Google Drive with PCI compliance shared publicly; block or remove the link".
Haha, I apologize for not being able to directly answer your question. In the end, I would highly recommend you try a free assessment against all three vendors to find the solution and service that fits your personal and professional preferences. I'm happy to set up a bake off for you, its easy too - the great thing about Cloud is that it only takes 5 minutes to get these things up and running.
Feel free to contact me (408) 663 - 5344. email@example.com
What are the pros and cons of each? Is CASB sufficient for my needs?