Skip to main content
Skyhigh Security

3.7.2 Release Notes

Skyhigh for IaaS

Skyhigh for AWS supported on GovCloud Tenants

Customers running Skyhigh CASB in a GovCloud tenant can now use Skyhigh CASB for AWS. To comply with GovCloud restrictions,  HTTPS CloudFront Distributions, Inactive IAM Access Keys, and Unusued SSH Public Key configuration policies are not supported. All other policies are present in GovCloud.

World Readable S3 Buckets Policy

The newest policy checks every bucket for READ_ACP" and "READ for All users and Authenticated users" permissions that could give unauthorized users read access to files in S3. Skyhigh CASB checks in both ACLs and bucket policies for these permissions. Admins are notified of any buckets that need improved security permissions.

Service Governance

Data Jurisdiction

Administrators can use Data Jurisdictions to enforce RBAC roles on data accessed by Skyhigh CASB users, based on Active Directory Attributes, or Enterprise Connector Tags. Once you have created a Data Jurisdiction, you can assign users to it on the User Settings page. For complete details, see Data Jurisdiction

My Dashboard Policy Incident Cards

My Dashboard has included new Incident Management card types, which you can add from My Dashboard or the Policy Incidents page. Card types include Incident Severity, Policy Type, and Response Action. For more information, see Policy Incidents

My Dashboard Reports

You can create reports for the cards on the My Dashboard page. My Dashboard reports are available in PDF format, and can be Run Now or scheduled to run at a regular interval. For details see My Dashboard Report

Service Details Reports

On the Service Details page, click Create Report to automatically create a PDF report for all Service Details and email it to the logged in user. For details, see Service Details

Add a Service to Multiple Service Groups

You can now add a Service to multiple Service Groups. Add Services To Service Groups from the following pages: Services Overview, Service Details, and Cloud Registry. For details see, Manually Add Services to a Service Group

Compare Cloud Services

From the Services Overview or the Cloud Registry page, you can select up to four Cloud Services and view their information side by side to compare Cloud Services in order to make better choices. For details, see Compare Cloud Services

User Access Levels Updated

User Access Levels (Executive, Usage Analytics, and Incident Manager) have been updated to provide access to My Dashboard. The Compliance Manager role has also been updated to provide access to Data Jurisdiction. For details, see User Access Levels

IP Addresses in the Audit Log 

The Audit Log (located at Setup & Configuration > Audit Log) provides a sortable and searchable list of all activity logs performed by registered application users. It now includes information on the user's IP address, where available. For details, see About the Audit Log

Incident Management

Policy Incident Reports

You can now schedule a report from the Policy Incidents Summary and Policy Incidents page. When reports are generated, they are available in the Report Manager in CSV, XLSX, and PDF formats. You must have the Incident Manager RBAC user access level in order to view the reports. For details, see Schedule a Report. 

Skyhigh for Sanctioned Apps

Skyhigh for Workplace by Facebook (Beta)

Skyhigh CASB for Workplace by Facebook provides a way for organizations to leverage existing DLP policies and extend them Workplace messages, reinforcing compliance and security requirements by providing an additional layer of control for activities in Workplace by Facebook. 

  • Was this article helpful?