Skyhigh Security announced it’s enabling organizations to adopt artificial intelligence applications in a secure manner that protects sensitive, confidential, and business critical information through its Security Service Edge (SSE) portfolio.
Skyhigh Security’s technology protects data and stops threats in the cloud across all websites, SaaS applications, IaaS environments and Shadow IT, from a single, cloud-native enforcement point.
Skyhigh Security’s purpose-built SSE platform is future-proofed with advanced data protection controls that directly apply to AI apps to protect customers’ business critical data. The same controls will apply to all new and emerging cloud applications in the future to protect against the risks of data loss.
Skyhigh Security also delivers the largest and most accurate cloud registry of over 40K+ cloud services, based on a detailed security assessment across more than 75 objective criteria. The Skyhigh Cloud Registry quickly identifies new generative AI apps and the corresponding risk level for each app.
According to Skyhigh Security’s global telemetry data from the first half of 2023, close to a million of its users have accessed ChatGPT through corporate infrastructures. The volume of users has increased by 1500 percent from January to June, demonstrating the unprecedented momentum and adoption of generative AI applications across organizations and industries.
Because of the risks associated with ChatGPT and similar AI applications, many organizations are seeking ways to ensure data is protected while allowing for productive use of the technology.
“Securing corporate data in SaaS applications, like ChatGPT and other generative AI applications, is what Skyhigh Security was built to do,” said Anand Ramanathan, CPO, Skyhigh Security. “We currently track more than 500 different AI cloud service providers as part of our registry—a 130 percent increase since January. Through the Skyhigh SSE portfolio, organizations already enjoy granular visibility and control of these apps, protect sensitive data, and meet compliance regulations such as PCIDSS, HIPAA, and GDPR, all in one comprehensive solution. We ensure our customers have the appropriate guardrails in place.”
“Skyhigh Security is paving the way forward for organizations to drive productivity and innovation by adopting AI technologies, while reducing risk and protecting critical business data,” said Dan Meacham, CISO, Legendary Entertainment.
“At Legendary Entertainment, we use the Skyhigh Cloud Platform to help us monitor our generative AI traffic and prevent inadvertent uploads of regulated data, such as PII or trade secrets, or downloads of fake or malicious apps. It provides crucial insight into the corresponding risk levels of workflows pertaining to different AI tools and applications, along with the amount of data being posted within them. This visibility is essential for us to accelerate business productivity, while ensuring our risk is efficiently mitigated,” concluded Meacham.
The Skyhigh SSE portfolio includes Skyhigh Cloud Access Security Broker (CASB), Skyhigh Secure Web Gateway (SWG), Skyhigh Private Access and other products, integrated into its comprehensive Skyhigh Cloud Platform, with Data Loss Prevention (DLP) as a core capability.
Through its CASB for Shadow IT and SWG capabilities, it provides advanced data protection for organizations that allows the use of AI applications, including:
- Visibility into AI applications in use, as well as their corresponding risk levels. With insights into usage trends, businesses can exercise greater control over their data.
- Control over the amount of data uploads/in posts, lowering the risk of unintentional access to sensitive data.
- Flexibility in giving access to AI applications. Block complete access to AI applications for all users or simply block just risky/specific AI applications. Restrict AI applications used within your organization by providing access only to users with a business justification.
- Improved security awareness across the organization by coaching users on the risks of utilizing AI applications. Add pop ups whenever users access these sites, which direct them to not input any sensitive info in the application and note that it will be monitored by DLP.
- Reduced risk by automatically disabling and deleting the conversation history within AI applications, like ChatGPT, so that corporate data cannot be used to train the system.
- Prevent copy/paste of sensitive content into AI applications, like ChatGPT, by leveraging Skyhigh Security’s Web Isolation capabilities.
- Protect sensitive data from being uploaded to AI applications like ChatGPT. Apply DLP policies to block sensitive data from being posted, including social security numbers, bank account numbers, proprietary IP such as source code, employee and customer names.