Skyhigh for IaaS
Skyhigh for AWS supported on GovCloud Tenants
Customers running Skyhigh CASB in a GovCloud tenant can now use Skyhigh CASB for AWS. To comply with GovCloud restrictions, HTTPS CloudFront Distributions, Inactive IAM Access Keys, and Unusued SSH Public Key configuration policies are not supported. All other policies are present in GovCloud.
World Readable S3 Buckets Policy
The newest policy checks every bucket for READ_ACP" and "READ for All users and Authenticated users" permissions that could give unauthorized users read access to files in S3. Skyhigh CASB checks in both ACLs and bucket policies for these permissions. Admins are notified of any buckets that need improved security permissions.
Administrators can use Data Jurisdictions to enforce RBAC roles on data accessed by Skyhigh CASB users, based on Active Directory Attributes, or Enterprise Connector Tags. Once you have created a Data Jurisdiction, you can assign users to it on the User Settings page. For complete details, see Data Jurisdiction.
My Dashboard Policy Incident Cards
My Dashboard has included new Incident Management card types, which you can add from My Dashboard or the Policy Incidents page. Card types include Incident Severity, Policy Type, and Response Action. For more information, see Policy Incidents.
My Dashboard Reports
You can create reports for the cards on the My Dashboard page. My Dashboard reports are available in PDF format, and can be Run Now or scheduled to run at a regular interval. For details see My Dashboard Report.
Service Details Reports
On the Service Details page, click Create Report to automatically create a PDF report for all Service Details and email it to the logged in user. For details, see Service Details.
Add a Service to Multiple Service Groups
You can now add a Service to multiple Service Groups. Add Services To Service Groups from the following pages: Services Overview, Service Details, and Cloud Registry. For details see, Manually Add Services to a Service Group.
Compare Cloud Services
From the Services Overview or the Cloud Registry page, you can select up to four Cloud Services and view their information side by side to compare Cloud Services in order to make better choices. For details, see Compare Cloud Services.
User Access Levels Updated
User Access Levels (Executive, Usage Analytics, and Incident Manager) have been updated to provide access to My Dashboard. The Compliance Manager role has also been updated to provide access to Data Jurisdiction. For details, see User Access Levels.
IP Addresses in the Audit Log
The Audit Log (located at Setup & Configuration > Audit Log) provides a sortable and searchable list of all activity logs performed by registered application users. It now includes information on the user's IP address, where available. For details, see About the Audit Log.
Policy Incident Reports
You can now schedule a report from the Policy Incidents Summary and Policy Incidents page. When reports are generated, they are available in the Report Manager in CSV, XLSX, and PDF formats. You must have the Incident Manager RBAC user access level in order to view the reports. For details, see Schedule a Report.
Skyhigh for Sanctioned Apps
Skyhigh for Workplace by Facebook (Beta)
Skyhigh CASB for Workplace by Facebook provides a way for organizations to leverage existing DLP policies and extend them Workplace messages, reinforcing compliance and security requirements by providing an additional layer of control for activities in Workplace by Facebook.