Skyhigh Security Reviews

The primary use case is to prevent employees from extracting the data out of their corporate system and getting them outside through Gmail and things like that.

Predominantly, there are two valuable features: One is the data loss and the other one is network loss. 

It also prevents you from writing data to your Gmail and does not allow you to move your data outside of the corporate system. That is the most important feature for me.

I would like to see more power being given to the admin. In the sense that in case an employee is facing an issue and they want to configure a service, like attaching an email in Gmail, for example, they should be given the option to make the service request and get that configured on the go.

Stability has been good so far. 

We have 14,000 users using this solution, all of the employees in the company. Everybody has it installed on their laptops or their desktops.

I would advise someone considering this solution to configure it the way the OEM advises you. You should have a list of customization.

I would rate it a seven and a half out of ten. 

We use it for cloud risk services.

It monitors the cloud usage of our company and shows the status on the main dashboard. There, we can see what kind of cloud applications are being used and see a risk assessment for each one, indicating low, medium, or high. For each cloud application, we can see how many users are using it. It's like auditing for each cloud application. In that way, it gives in-depth visibility and a granular monitoring facility for the company: What is happening inside the company, what people are using, what kind of data is going through the company. It really helps in understanding cloud traffic.

There is one feature called data governance that shows all the cloud services which are used.

There is another one called cloud registry where we can see a risk assessment for the cloud services being used. If we want to add a new cloud service or a new cloud application, we can check into it and do an assessment through the cloud registry. That is the feature that I like most.

Generally, it is available.

The scalability is pretty good. The only thing we have faced is that sometimes, randomly, the portal becomes too slow. We only have between 100 and 150 users of the portal, which is a fairly small number, but scalability is not really an issue.

In terms of extent of use, it will monitor all the cloud usage in the company, whether there are 100k or 200k users. It will monitor everything, whatever comes from the logs, and present the data in an understandable format.

Technical support is pretty good.

This is our first solution of its kind.

We have definitely seen an ROI over the years we have been using it; not from a dollars perspective but in different ways.

They definitely charge a huge amount. All the security service providers charge a huge amount.

At the time we chose this product, we did not evaluate others, but recently we have a looked at a couple of other products. The others are pretty good. They have come up with a lot of innovation, improved security, and developed a lot of enhancements. In different ways, everybody is good.

Do a PoC for a week or ten days. If you don't like it, go with another vendor. But I believe you will like it.

It's not necessary to give access to everyone in the company to monitor their cloud usage. There are specific teams that use the platform for a specific purpose.

They have improved a lot. Every month or every three months they are coming out with a new update. Whatever we have asked for recently, they have added it to their roadmap. Since McAfee acquired the SkyHigh applications, there will be a lot more features to come. We are expecting a lot of features to be onboarded to the platform.

For our use case, what we currently have is good enough.

The solution is basically it's a cloud access security broker. It's basically the leading cloud access security broker in the market. If you are talking about getting controlling access to AWS, Azure or Google cloud, or most of the major cloud providers, they can integrate that to help protect an organization from data loss, breaches, or from unauthorized access in general.

I actually had an encounter with a government entity. They had a lot of their staff leaking government data, and they were using a website, a known website called WeTransfer. It's a Chinese website that's used to transfer big files without you needing to create an account. Users in the company were basically, whenever they wanted to transfer files, doing it through this site and unintentionally leaking data.

This week, the POC installed the McAfee web gateway, integrated the MVISION Cloud, and got insights. A lot of their business was done on WhatsApp within their systems. An yet, until this moment, they had no visibility over this. Now they have it. Now they know, and they can initiate changes.

What I really like about the product is something called the ability to view the sanctioned IP apps, which is a major challenge for organizations today. There are sanctioned IP apps or unsanctioned IP apps. In an organization, you will find employees that will use services or applications for the business, which are not authorized by the IT department, and the organization fails to have visibility over this.

What McAfee can provide is full details into what your users are doing on the cloud. For example, lots of employees may be using WhatsApp for conducting critical business workflows, and yet their organization is not permitting them to use WhatsApp. Without a solution such as this, the company will never find out if they actually are using WhatsApp and to what rates. With MVISION Cloud and their web gateway, companies basically get visibility and insights into what their users are using on the cloud.

The product has the ability to provide insights and also to advise on misconfigurations on the cloud. For example, I may be a cloud customer and I'm using IS workloads or infrastructure and service workloads on Azure. I may have object storage configured on Azure, however, this object storage didn't get secured properly. It was publicly open. The system can suggest changes to alert you to this item and advise on how to fix the issue.

With MVISION Cloud, you can actually get detection notices. It will notify you, tell you, hey, be careful. You have object storage that is open to the public. You should lock it down, should have restricted access. You should have some credentials here or there. It will basically act like an advisor for your cloud configuration as well. This is what I really like about it, to be honest. It can tell you if something can go wrong before it happens. It allows you to fix things before situations can get out of hand.

In terms of their compatibility with major cloud providers, in terms of their abilities, capabilities, and features, they exceed everyone's capabilities in the CASB market.

Their integration capabilities are vast. They seem to be able to integrate all major clouds. 

The solution is very stable.

The solution can scale.

Technical support has been very helpful.

The solution is the leader in the market right now. It's hard to consider where it falls short, as it is so far ahead of everything else.

One thing that can be improved is their ability to integrate with other web proxies to discover unsanctioned IP apps. That can be room for improvement.

I'd love to see an on-prem version of the product. Instead of McAfee providing the service, it should be also software available for customers in the market to install on their data centers.

The solution has been very stable. We haven't had issues with it. It doesn't crash or freeze. It's reliable.

It's not software that you can install. Scalability is on McAfee's end. It's not on the end-user or the partner or any of them, as it's a cloud service basically. However, it scales to meet your company's needs.

We have about ten customers currently using the solution.

Technical support has been very good. It's amazing, especially for the MVISION Cloud portfolio as it's a different team. In general, it's good. We are quite satisfied with their level of support.

You don't install the solution. The dashboard comes from McAfee Cloud. You just integrate it with your cloud, and you enter your credentials to your cloud providers. If you want, you can integrate it with an on-premise McAfee web gateway to get insights, shadow IP, sanction IT apps, look for unsanctioned apps, and whatnot. However, it's not software that you can take and install wherever you like. It's a service, basically. 

Honestly speaking, there is no competitor for MVISION Cloud. There are competitors in the market, of course, in the CASB market, lots of them. However, there's no one that's reached the level of MVISION Cloud just yet.

I don't have much experience with McAfee MVISION Cloud, however, I do have a good understanding of it. I also managed to pitch it and demo it to one customer and sold it a couple of times. 

It's originally not a McAfee product. It belonged to a company called Skyhigh before, which was acquired by McAfee. 

I'd rate the solution at a nine out of ten. I don't believe in perfect solutions, however, this is quite good. I haven't ever seen anything quite like it. 

I'd recommend it to other users. If a company is having workloads on the cloud, whether it be on Office 365 or AWS or Azure or Google cloud or IBM cloud, whatever cloud, it's highly recommended for them to at least consider MVISION Cloud as it can really help them secure their access to their cloud workloads. Especially those customers who have a hybrid cloud. They will most likely want a CASB that will be able to manage both clouds from the same dashboard.

We implemented Skyhigh for Shadow IT monitoring as well as Microsoft Office 365 real-time auditing. We monitor these on a daily basis and are currently in the process of implementing policies if certain activities are done by our end users.

We have gained a deep insight into our Shadow IT usage as well as the different activities involved in Office 365. Without Skyhigh, we had zero visibility, but now we are aware of so much more.

The risk rating of each cloud application has been very useful. Whenever we discover a new application is use, we are able to quickly determine if this application is safe to use and whether or not we should allow our end users to be able to access it.

Though the Skyhigh Dashboard is processing large amounts of data, the speed of the Dashboard could be improved. Also, it would be nice to be able to get more advanced search functions to filter out data and quickly obtain the data that we need.

All the information available on each service, including its risk assessment. Service groups, automatic assignment of services based on designated conditions, and the ability to utilize multiple log sources for the data.

Provides quite a bit of visibility into cloud services being utilized in our environment. I've been able to take the data available in Skyhigh and create discussions about whether we should be allowing or blocking certain services. This has also allowed us to start developing policies/procedures around new services which get introduced into our environment.

Iron out the few bugs that I've seen.

Less than one year.

None that I'm aware of.

No issues with stability.

No issues with scalability.

A 10 out of 10.

A 10 out of 10.

We did not previously use a different solution.

Unknown, as I was not involved in the setup process.

Unknown, as I was not involved in the procurement process.

Unfortunately, I don't have this information.

Not applicable, as I was not involved in the decision to go with this product.

My experience with this product is from an evaluation standpoint. Since everybody is adopting cloud technologies such as SaaS, PaaS, and IaaS, they want to ensure that their data is secure. This product can be used to help people access our cloud applications securely, control users, and manage data movement over the cloud with respect to our data classification policies.

We have conducted a PoC but have not used it in our production environment.

They provide a variety of options for scalability, where we can use it over the cloud, or we can deploy it on-premises through our proxy. We can also use agent-based installation. Together, from a coverage point of view, the solution is pretty good. The other products that I have evaluated do not have the scalability options that McAfee has.

It needs to be more user-friendly, as it is a little bit complicated to use.

They should implement straightforward automation capabilities that include the integration of AI and ML. It should be able to handle solutions quickly whenever a rule has to be created. It should, for example, suggest to the admin that if there is any indication of data corruption then a notification will be sent. In addition, initial steps will be taken to ensure that the data is safe.

We evaluated McAfee MVISION Cloud for a couple of weeks. 

It is meant for large organizations and it will support more than 10,000 users.

The technical support is good and they are customer-friendly. We don't use the support for MVISION Cloud but we use McAfee support for other products, and we are satisfied.

As part of our evaluation process, we have used several solutions from different vendors.

This is an expensive product, although it is made for larger enterprises and not for small organizations. This is generally the case with McAfree enterprise solutions.

This is a product that I recommend.

I would rate this solution an eight out of ten.

We use the solution for endpoint security. 

The solution is hard to configure, our team does not have specific training requirements for McAfee making it difficult. Another issue is with decreasing performance with desktop and laptop due to the solution.  

In a future release, I would like them to add email protection as part of their offerings. 

We have been using the solution for one year.

I found the solution to be stable.

We have not tried to expand the solution. There are 40 users using it in our organization.

The initial setup of the solution is not easy, it is complex. 

The solution requires a technical team for deployment because it is challenging. 

The price of the solution is good and we pay an annual license.

I will recommend the solution to other users. However, I would suggest having a deployment team assisting with the installation. 

I rate McAfee MVISION Cloud a seven out of ten. 

We use this solution as a CASB, a Cloud Access Security Broker, to gain insight into our cloud environment. We integrate this solution for our clients as a companion service to our main cloud product.

It gives us visibility into how the data is being used within our cloud environment. It shows the flow of information, and in our case, it has to with documentation that is restricted. For example, if a document contains credit card information or social security numbers then we are able to track it when somebody tries to delete them or do something else that is prohibited. We get flagged, which is the key. It enhances the visibility of what's in our cloud environment.

The most valuable feature for us is the integration with DLP. 

The biggest challenge we have with McAfee is their cross-cloud support. They tend to lag by a few months, in terms of providing support for new cloud platforms, or new cloud features. We're primarily focused on SaaS, so the other opportunities for them to improve their integration is with AWS and PaaS.

I would like to see better integration with on-premise tools.

That stability is good. It's a very good tool.

We have had no problems in terms of scalability.

We have a team of about forty people who use it. There is the DLP team, the various tenant cloud security administration team, and we also have our staff that uses it.

We found that the documentation is meager, but the response time from technical support is very good.

We did not use another solution prior to this one.

This solution is very easy to set up.

It took us about a month to get it up and running, but it took us four months to figure out how to use it amongst the different teams.

The licensing fees are based on what environments you are monitoring.

We did evaluate a couple of other options, and we have other solutions as well. We have Evident.io, one from Cisco, and one from Palo Alto. None of them are good in every environment, so we use a combination of these solutions.

I have found, based on implementations for multiple clients, that Evident.io doesn't meet the needs of all of the people. Evident.io is not a security protocol. It gives you visibility into your cloud, but it's not a broker. It's just an analysis tool. It is very PaaS-friendly, but not a SaaS-friendly tool. This is opposed to Skyhigh, which is SaaS-friendly but not PaaS-friendly.

My advice for anyone who is implementing this solution is to know what roles you will need to grant access to and have your roles predefined.

This solution has good coverage and good integration with other McAfee products. I am not giving it a perfect score because of the uneven coverage for other platforms. They tend to lag in terms of support for new platforms and new tools that come out on the cloud. 

I would rate this product a seven out of ten.