If you were talking to someone whose organization is considering Bitglass, what would you say?
How would you rate it and why? Any other tips or advice?
The product works, and their organization is pretty dynamic. Get a very clear understanding of your use case before bringing the product in. That applies to all CASBs because there are different problems for different people. I feel like a lot of people think this type of solution can solve every problem. You have to figure out what problem you're going to solve, e.g., data protection or user access. From there, the idea is to jump in and bring it on. This industry, as a landscape, is changing from a product perspective. I see CASB converging with other Zero Trust solutions. I am prepared to see evolution of this industry sector because of the changing cloud needs. I would rate this solution as a seven out of a 10. SASA and some other things are a bit premature. As an organization, they have not been in business for a very long time. That comes with some level of challenges. We had an initial support challenge, which got resolved, but that kind of highlighted, as a software company, they're still maturing and productizing their product.
A true single pane of glass is not easy to achieve. The more you do with them, the more you can move towards that goal. As they continue to increase their functionality, the solutions that they offer, and the partners/integrations they have, they are certainly moving more in the single pane of glass direction. For security professionals and CISOs, as much as we can declutter and simplify, that's a great thing. For us, it has done exactly what we wanted it to do. Bitglass continues to be a valuable partner: * The relationship is good. * Support is good. * The solution works well. I would rate this solution as a nine plus out of 10. I did a video with Bitglass a couple years ago. It's out on YouTube. If you Google my company, Ricoh, and Bitglass on YouTube, the video will pop right up. There is a lot of good info there.
I would spend more time on the proof of concept than we did. We didn't really have the available applications to test it as robustly as we probably normally would have. I would give the solution an eight out of 10.
The biggest thing is know your use cases. If you're not sure what your use cases are, have them help define them. When you understand your use cases, you understand how you're going to use the product. It doesn't mean that you don't learn the other bits and functionality of it, but your core duty to your organization is to protect that critical data. Understand what those data sets are and how critical are they: * Are they regulated via the state or at the federal level? * What is it that you're trying to protect? If you can understand these questions, then you can tailor a lot of the training and a lot of what you have for what you need. I talk to my team all the time when we do things, and it has to be sustainable, maintainable and also adaptable. It has to be adaptable to the client because technology is the one thing that we have in business that will change. We know it will change. So, if you're rigid with whatever you're doing and not adapting, then you are already behind. I really like what this product does and what it stands for. We are a nonprofit, and until our use cases change, we are not using the product to its fullest potential. I do not use SASE yet. That is more for budgetary purposes. With the pandemic, our budget allocation has been a bit steep. Biggest lesson learnt: The different ways people can use data. Where they access and share it, then send it, do things, and respond. I understand now the need, more than ever, to evangelize. In the security industry, there's a saying, "Your weakest link is your end user." I tend to disagree now. The weakest link happens to be our security awareness training. How well are we doing there? Because if you train and teach, then things go a bit smoother. With everything that I know about Bitglass and working with the organization as a whole, such as, meeting the CEO on down through new folks, I would rate them a 10 out of 10. They have a fantastic culture and ethic when it comes to the customer first. If I need something, they're there. Just this past week, we went to do an integration of the fifth application, but something happened, and we had to postpone it. Our deployment manager says, "No problem. I'm there." He didn't even wait for me to say what we were going to postpone it to. He just said, "Okay, I'm there." That puts me at ease. They have my back and are there to help.
You should definitely look at Bitglass as part of your process. I think it's still best of class and I think there is a lot of innovation that's happening at Bitglass. In terms of a CASB, and in terms of this new product for SASE as well, they are the best in terms of the feature set that they're offering. As for maintenance, we've got one infrastructure engineer and part of his responsibilities is to look at the weekly logs for Bitglass to see if there are any unusual connections.
Let the community know what you think. Share your opinions now!