Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Data Risk Management

Data Risk is evaluated on aspects such as data access, sharing, syncing, and more. You can set weightings for attributes such as file sharing limits or data retention period for effective data risk management across the enterprise.

Data Risk Attributes

The Data Risk score is calculated out of the following categories, attributes, and values defined by Skyhigh CASB. 

Category Attribute Description Possible Value
Data Sharing File Sharing Support Does the service offer a file sharing method as part of its service offering? 10 - No
10 - NA
50 - Not publicly known
80 - Yes
Data Sharing Limits on Data Uploads and Sharing Does the service place limits of file uploads and sharing of data or does it offer unlimited sharing? 

10 - NA
20 - 1GB
30 - Not publicly known
30 - 1GB to 5GB
40 - 5GB to 10GB
80 - Unlimited

Encryption Data Encryption at Rest Does the service encrypt data at-rest in its databases, file systems or at the virtual machine layer? 10 - Yes
10 - NA
30 - Not publicly known
80 - No
Encryption Data Encryption in Transit What mode of SSL or TLS does the vendor support for protecting data in motion?

10 - TLS 1.3
20 - TLS 1.2
30 - V3 Enabled
40 - Both V3 and V2 Enabled
50 - TLS 1.0
50 - TLS 1.1
50 - V2 Enabled
60 - Not publicly known
70 - No

Multilatency Support for Multi-Tenancy Does the cloud service provider provide a multi-tenant offering?

10 - NA
10 - Yes
50 - Not publicly known
70 - No

Multitenancy Encryption with Tenant Managed Keys (Data Mingling) If the service provider supports encryption of data at-rest in the tenant, how are keys managed and who controls the keys? 10 - Multi-tenant with data encrypted per tenant using tenant keys or tenant owned tokenization
10 - NA
30 - Multi-tenant with data encrypted per tenant using SP keys
40 - Single tenant and completely isolated data sets
50 - Not publicly known
70 - Multi-tenant without Encryption
Desktop Application Auto Sync of Data on User Devices Does the service provider offer a data sync application on desktop or mobile that allows for the synchronization of data between the devices and the cloud service provider? 10 - No
10 - NA
30 - Not publicly known
60 - Yes
Data Retention Data Retention Policy on Account Termination After a service contract or account is terminated, when does the cloud service provider delete the data in the tenant? 10 - Data Purged Immediately
10 - NA
20 - Less than 15 days
20 - 15-30 days
30 - 1-3 months
40 - 3-6 months
50 - 6 months - 1 year
60 - More than 1 year
60 - Not publicly known
70 - Data Retained
Data Sharing Predominant Content Type What is the predominant content type for the cloud service provider (e.g., files, photos, music, etc.)? 10 - NA
20 - Photos
20 - Music
20 - Video
70 - Files
70 - Source Code
Data Sharing Provides Granular Access Controls Can the sharing of data be restricted at a user or group level? Can users control the level of access and rights to data? Can the sharing of information or access be controlled by time expiration? 10 - Yes
10 - NA
20 - Not publicly known
60 - No
Data Loss Protection Integrated Data Loss Prevention Capacity Does the cloud service provider offer an integrated data loss prevention capability? 10 - Yes
30 - Not publicly known
80 - No
Encryption Encryption Strength at Rest What encryption strength bit-length is used for data at-rest? 10 - > 256 bit
20 - 256 bit
30 - 128 bit
40 - NA
50 - None
60 - Not publicly known
Encryption Expiry of SSL Certificate Duration when the SSL Certificate  expires. 10 - Less than 1 year
30 - Less than 6 months
40 - NA
50 - Less than 4 years
50 - Not publicly known
70 - Greater than 4 years
80 - Certificate Expired
Encryption Signature Algorithm of SSL Certificate What is the signature algorithm used by the SSL Certificate? 10 - SHA512 With RSA Encryption
30 - SHA256 With RSA Encryption
40 - NA
50 - Not publicly known
60 - SHA1 With RSA Encryption
60 - Others
80 - MD5 With RSA Encryption
Encryption Key Size of SSL Certificate What is the key size used in SSL Certificate? 10 - >= 4096 bits
20 - 2048 bits
40 - 1024 bits
50 - Not publicly known
60 - NA
80 - <= 256 bits
Encryption Data Encryption Supported in Backup Does the service encrypt data in backup in its databases, file systems or at the virtual machine layer?

10 - Yes
40 - NA
70 - Not publicly known
80 - No

Encryption Encryption Strength in Backup What encryption strength bit-length is used for data in backup?

10 - >=2048 bits
20 - 512 bits
30 - 256 bits
40 - 128 bits
50 - NA
70 - Not publicly known
80 - No

 

  • Was this article helpful?