“Shadow IT” can be a real security risk, it can also present a significant support pain, even when your IT doesn’t endorse any of it.  Enterprise shops have been dealing with this forever as computing and applications become increasingly commoditized and easy to take on.  Web services is one of those risks and an emerging company has a solution for securing these.  Skyhigh Networks, which was founded by a bunch of ex-Cisco guys and is based out of Cupertino, came out of stealth mode to announce their product at this year’s RSA.

The mission of the company is to allow enterprises to get a handle on non-sanctioned cloud services like Box, Dropbox, and AWS with visibility and governance in mind.   The service touts a dozen significant pilot customers and that is sure to grow.  The opportunity for the enterprise to gain a hold on these concerns is critical, public cloud services are projected by some estimates to grow at a 400% rate compared to the general IT market.  As the enterprise is making strides to gravitate to cloud services, it needs to retain control and awareness of where it is being used.  That is where Skyhigh Networks comes in.

Skyhigh’s multi-tenant service was built to address the Cloud Adoption lifecycle, and delivers discovery, analysis, and control of these elements.  Once the discovery collects instances, it then analyzes the information for issues, and is then able to set controls such as encrypting data bound for Box with enterprise keys.  The enterprise could choose a number of control actions that are suited to their management and critical security goals.  The product is completely compatible with any IT stack, which makes it flexible for any environment.  The Skyhigh gateway can also be implemented on premises for particular use cases.  The service has a full dashboard that features all the counts, ratings and reporting an enterprise would expect of such a product.

Whether this product makes shadow IT a thing of the past remains to be seen.  Some organizations may do all they can to limit user capabilities, while others will more likely utilize this tool to at least get a hold of what’s going on, what is coming in and out of the enterprise and selectively choose what works for that business.  This could mean a big change from the traditional shadow IT “Don’t Ask Don’t Tell” policies and deliver a really great chapter around enablement with web services more secure and copacetic to the concerns of the enterprise.  It is like being the broker of web services that was talked about some ten years ago, except now it’s so relevant.  One directory – with all services accounted for, analyzed, structured and the ability to put policy on top of that – IT shops are going to eat this up.