Netskope Adds Channel Program For SaaS Visibility, Control

Cloud app analytics and policy platform maker Netskope is adding a formal channel program to help fuel growth of its technology, which probes corporate networks to increase visibility and can give IT teams control over the network of Web-based shadow IT services used by employees.

The Los Altos, Calif.-based vendor's SaaS platform discovers cloud apps, providing analytics and policy enforcement. In addition to being able to block the riskiest cloud applications, the company recently added data loss prevention as an optional service, said Gary Ochs, Netskope's vice president of channel sales. Ochs who is rolling out the program this year, said his aim is to keep it simple.

[Related: Protecting The Business From Cloud Application Security Risks ]

"I became very aware of the need to be careful in constructing a program so it doesn't become so overly complex that partners want to shy away from it," Ochs said.

The channel program includes a referral component for consultants, resellers, system integrators and managed security service providers. Sales training will be given in person or remotely and takes about an hour to complete. A demo is available to technical sales engineers, and the company will work with partners until they thoroughly know how to deploy and maintain the platform.

"It's a robust program given the stage of development of this company," Ochs said. "It has all the things that I think the partner would typically expect to see from a partner program."

Ochs, a channel veteran, was at security information and event management vendor, Q1 Labs for a decade where he managed the transition of the Q1 Labs channel program into IBM following its acquisition by the company in 2011. Q1 Labs had a robust partner program that drove a lot of business, he said.

The company is maintaining its direct sales teams and expanding into the U.K. with its direct sales force, Ochs said.

The risks posed by business units adding cloud services without getting a thorough review by the company's legal and IT teams is a constant issue, according to security experts. IT teams trying to get a handle on the problem often block the wrong cloud security apps and services, forcing users to use even riskier applications. At the RSA Conference Security experts said the cloud offers benefits for data storage, but added that organizations need to demand transparency about the underlying security and processes in the provider they select.

NEXT: Early Partner Finds Value

Netskope's platform also provides the business value necessary to get buy-in from executive leadership while at the same time adds the ability to set and enforce security policies, Ochs said. The company has analyzed about 3,000 cloud apps, maintaining a Cloud Confidence Index to help subscribers determine the enterprise readiness of apps based on a variety of criteria including the security risks they introduce.

Controls can be set for both public apps, such as Box.net and Salesforce.com and hybrid and private clouds on Amazon Web Services and OpenStack. Most organizations do not immediately set measures to block them. Instead, most IT teams are figuring out ways to support the most popular cloud services and applying policies and a level of security controls to mitigate risks, said John Wondolowski, CTO of Mill Valley, Calif.-based Chouinard & Myhre, Inc., an early Netskope partner. Rather than just blocking, users of the platform can also set policies to control individual app usage, such as preventing data from being downloaded onto a mobile device or preventing employees from file sharing within certain apps. The optional DLP service enables businesses to set contextual policies against about 400 file types to protect sensitive data from leaving the network. Policies can set controls for both on-premise or remote employees, according to the company. Predefined rules can be set for monitoring of healthcare and credit card data.

Businesses are typically all at different stages of awareness in terms of understanding the magnitude of cloud application usage in the enterprise, Wondolowski said. Getting visibility and policy-based controls is very appealing to not inhibit the staff from using services, but help figure out how to support them better.

"This is more about tactical IT management," Wondolowski said. "Having the ability to set policies is nice, but the analytics would let me see what my employee base is using and I can either help consolidate those to one trusted cloud app or look at my analytics and figure out why two parallel services are running in two separate business units."

Netskope's technology partners include Okta, Onelogin and Ping Identity for authentication, single sign-on and access control. Its product pits it directly against Skyhigh Networks, which sells a SaaS discovery, analytics and policy creation platform combined with encryption and DLP capabilities. CipherCloud, CloudPassage and H yTrust , which acquired HighCloud for cloud encryption, are also in the same space.

PUBLISHED APRIL 8, 2014