What is our primary use case?
We started with a very clear primary use case, which is what landed us on Bitglass: The need to protect Office 365. More specifically, we wanted to make sure that untrusted devices would not be able to download the full O365 client.
Granted, you can do that with Microsoft tools, if you purchase some of their additional solutions. However, we decided that it made more sense for us to go with an independent CASB that we could leverage for other things as well.
Since the initial deployment, we have looked to expand well beyond the initial use case to protect additional cloud-based environments as well as implement additional functionality, such as DLP.
How has it helped my organization?
While you can't ever guarantee you can prevent a breach, I think Bitglass and their solution are a key component in helping secure our environment. We would not be with them if they weren't a valuable partner, as CASBs, in general, are a key piece of an overall security ecosystem.
In our case, controlling unmanaged devices and preventing them from being able to download full clients is a significant piece of the security and governance overall puzzle. To really control specific data leakage, you would need to fully implement DLP. So, we are in the process of evaluating the Bitglass DLP functionality, though we have not operationalized it yet. It certainly has the capability to secure against data leakage.
What is most valuable?
The platform has a lot of great features that can be utilized, e.g., we have been looking at DLP.
They have some tie-ins to other partners, which is good.
What needs improvement?
A few minor items for consideration:
- Enhanced reporting ( e.g. a report to find out how many users are in specific Bitglass group).
- MFA Enhancement: Perhaps adding an MFA Application.
For how long have I used the solution?
We started looking at them back in 2017, but we didn't implement until 2018.
What do I think about the stability of the solution?
We haven't had any issues with latency; certainly nothing systemic. It operates seamlessly behind the scenes and the uptime has been excellent.
100 percent dedicated staff is not needed. We have one engineer, who is the primary contact for the solution, but is not even remotely close to be dedicated to it.
What do I think about the scalability of the solution?
The scalability is excellent. I don't have any concerns. We have a tremendous number of clients, not agents, routing through it.
We are in the process of expanding our usage now. Our longer-term plan is to sweep much more under CASB.
How are customer service and technical support?
The support and company engagement from day one have been great about being open and available. Over time, I have gotten to know all levels of people within their company, including the CEO, and you can't always say that. It goes to their dedication to their customers and company culture.
It has been a tremendous partnership working with Bitglass. They took the time to understand our use case and have remained just as engaged today, even through their tremendous growth, as they were in the initial sale cycle. One of the things I say a lot, "There are vendors and there are partners." Everybody is good at doing the right thing when everything's going well. But, how a company reacts when you need help or if you have an issue is the true measure of the relationship. To that point, Bitglass has really been a true partner.
Which solution did I use previously and why did I switch?
This was our first foray into CASBs.
How was the initial setup?
The initial setup was straightforward, which was a huge win. That mostly goes to the fact that they are agentless. We didn't have to sit there deploying thousands of agents and all the things that go along with that type of deployment. We were up and running very quickly.
We do have a very small number of users using the agent as their standard proxy. However, almost our entire deployment is agentless, which is one of the things that attracted us to Bitglass.
Once testing was complete, and given the agentless nature of the solution, the deployment was straightforward and the time to realize benefit was really short.
What about the implementation team?
We were initially up and running (with some tweaking and tuning) in about a day. Once Bitglass had the environment setup, it was just a matter pointing our Office 365 environment to route through them.
What was our ROI?
ROI on a security tool is always kind of a tough one, because it's usually risk mitigation. There isn't always a hard dollar ROI, but the solution has absolutely done what we wanted it to do.
What's my experience with pricing, setup cost, and licensing?
Typically, the longer you price forward, the better off you're going to be. They have been very willing to work with us on pricing.
Which other solutions did I evaluate?
We certainly evaluated several other products.
What other advice do I have?
A true single pane of glass is not easy to achieve. The more you do with them, the more you can move towards that goal. As they continue to increase their functionality, the solutions that they offer, and the partners/integrations they have, they are certainly moving more in the single pane of glass direction. For security professionals and CISOs, as much as we can declutter and simplify, that's a great thing.
For us, it has done exactly what we wanted it to do. Bitglass continues to be a valuable partner:
- The relationship is good.
- Support is good.
- The solution works well.
I would rate this solution as a nine plus out of 10.
I did a video with Bitglass a couple years ago. It's out on YouTube. If you Google my company, Ricoh, and Bitglass on YouTube, the video will pop right up. There is a lot of good info there.
Which version of this solution are you currently using?