What is our primary use case?
Bitglass allows us to leverage cloud applications with security. What that means for us is that, as our applications are moving from on-premise to the cloud, we can have security controls on who logs in, around when they log in, and what data they're accessing. That's what Bitglass allows us to do.
We're not using the proxies. We're only using it for the login policy management.
How has it helped my organization?
We can now allow people to access cloud apps on their laptops, safely and securely, when they're not in the office. It allows us to have more flexibility, working from home or remotely during COVID. This is a security platform that allows all that to happen. Without having Bitglass, our work from home strategy would be drastically different and our potential for productivity would be reduced.
The solution provides a single platform for CASB, web security, advanced threat protection, identity, data loss protection, and zero-trust network access. It does all that in one product. It's good because it allows us to adopt more and more cloud apps. It really gives us the flexibility to pursue any new technology that is going to benefit our organization and that is in the cloud.
Bitglass also provides a single policy page to secure all of our interactions to the cloud applications. It does not do it for on-prem, in our case. It could do so, but not the way that we have it configured. But for our cloud interactions, we have unifying policies; a single spot on the platform. From there, we can say, "This set of cloud applications needs to follow this policy." From that point, we can see which policies are being applied. So it's a single spot for policy management. It simplifies our security operations.
What is most valuable?
The core CASB solution is the most valuable part. It allows us to put policies in place around which devices can log into our cloud applications. We have a policy that states that only company devices can access these cloud applications. Our most sensitive data lives in our email, which is in the cloud, and in Slack, which is our messaging platform, and it lives in Box which has all of our files. The ability to access all of that, our critical data, has to be from a device that's company-issued so we know that the security level and the encryption level are up to a certain point.
It does a great job of securing us against data breaches and attacks. Prior to our moving over to Bitglass, we had one incident where someone's password was compromised. Whoever the hacker was, was able to log in and then send emails on behalf of this individual at our company. After we implemented the Bitglass solution in front of email, that scenario was no longer possible. They can't log in from a device that's not company-issued because now we have these policies set in place.
In terms of how the solution secures us against data leakage, their technology is good in the sense that it resides at the login point. That means that at the point that you're trying to get to the application, you need to fulfill a certain set of applications or a certain set of policies.
What needs improvement?
Their new SASE (secure access service edge) product would have been the one thing I would have requested. Now that they have that platform, I'd like to see it as integrated and seamless as possible with the core product. That's what they're working towards and that's where we're seeing the advancements.
For how long have I used the solution?
I have been using Bitglass for over two years.
What do I think about the stability of the solution?
The solution's overall uptime is good. We haven't had downtime for Bitglass in production.
What do I think about the scalability of the solution?
For us, it's scalable. We have not seen any issues.
We've got a 50-user license for our company. The users are from across the company, and our adoption rate is 100 percent.
How are customer service and technical support?
Their tech support is good. They're a 10 out of 10 in responsiveness and they're an eight out of 10 in getting the resolution, which usually involves code changes.
Which solution did I use previously and why did I switch?
This is our first CASB solution. We went with Bitglass for the security of our cloud apps.
How was the initial setup?
The setup is fairly straightforward. It's not perfectly straightforward because you need to understand how it integrates within your cloud apps. Once you have the connection, the identity providers, then setting up the policies is easy.
We ran deployment and testing for about a month before going live.
In terms of our implementation strategy, we had a separate instance of the cloud apps running in parallel to test out all the policies and to fine-tune all of our policies. Once that was complete, we used that on our production tenant.
What about the implementation team?
We worked with an integrator called RFA, but we did most of the testing on our side.
What was our ROI?
We have absolutely seen return on our investment with Bitglass. From a cybersecurity standpoint, we have more controls. And from a productivity standpoint, we have more and more cloud apps that we have deployed, and that's really working in our favor.
Which other solutions did I evaluate?
We looked at Netskope and Skyhigh, but that was this two years ago so our comparisons are fairly outdated now. But at that time, Bitglass had the best SAML integration, which is the identification and integration services. That was the key for us as we were looking to connect into a lot of cloud applications.
What other advice do I have?
You should definitely look at Bitglass as part of your process. I think it's still best of class and I think there is a lot of innovation that's happening at Bitglass. In terms of a CASB, and in terms of this new product for SASE as well, they are the best in terms of the feature set that they're offering.
As for maintenance, we've got one infrastructure engineer and part of his responsibilities is to look at the weekly logs for Bitglass to see if there are any unusual connections.