2020-08-05T06:59:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)

What advice do you have for others considering Bitglass?

If you were talking to someone whose organization is considering Bitglass, what would you say?

How would you rate it and why? Any other tips or advice?

6 Answers
RK
Director, Cloud & Data Security at a financial services firm with 5,001-10,000 employees
Real User
2020-09-07T05:57:00Z
Sep 7, 2020

The product works, and their organization is pretty dynamic. Get a very clear understanding of your use case before bringing the product in. That applies to all CASBs because there are different problems for different people. I feel like a lot of people think this type of solution can solve every problem. You have to figure out what problem you're going to solve, e.g., data protection or user access. From there, the idea is to jump in and bring it on. This industry, as a landscape, is changing from a product perspective. I see CASB converging with other Zero Trust solutions. I am prepared to see evolution of this industry sector because of the changing cloud needs. I would rate this solution as a seven out of 10. SASE and some other things are a bit premature. As an organization, they have not been in business for a very long time. That comes with some level of challenges. We had an initial support challenge, which got resolved, but that kind of highlighted, as a software company, they're still maturing and productizing their product.

David Levine - PeerSpot reviewer
Vice President, Corporate Information Security & Chief Security Officer at Ricoh Americas
Real User
2020-09-01T05:25:00Z
Sep 1, 2020

A true single pane of glass is not easy to achieve. The more you do with them, the more you can move towards that goal. As they continue to increase their functionality, the solutions that they offer, and the partners/integrations they have, they are certainly moving more in the single pane of glass direction. For security professionals and CISOs, as much as we can declutter and simplify, that's a great thing. For us, it has done exactly what we wanted it to do. Bitglass continues to be a valuable partner:
* The relationship is good.
* Support is good.
* The solution works well.
I would rate this solution as a nine plus out of 10. I did a video with Bitglass a couple years ago. It's out on YouTube. If you Google my company, Ricoh, and Bitglass on YouTube, the video will pop right up. There is a lot of good info there.

JH
Cyber Security Officer at an insurance company with 51-200 employees
Real User
2020-08-30T08:33:00Z
Aug 30, 2020

I would spend more time on the proof of concept than we did. We didn't really have the available applications to test it as robustly as we probably normally would have. I would give the solution an eight out of 10.

David Overton - PeerSpot reviewer
Sr. Director of Information Security & Enterprise Architecture at Childrens Home Society of Florida
Real User
2020-08-26T05:42:00Z
Aug 26, 2020

The biggest thing is know your use cases. If you're not sure what your use cases are, have them help define them. When you understand your use cases, you understand how you're going to use the product. It doesn't mean that you don't learn the other bits and functionality of it, but your core duty to your organization is to protect that critical data. Understand what those data sets are and how critical they are:
* Are they regulated via the state or at the federal level?
* What is it that you're trying to protect?
If you can understand these questions, then you can tailor a lot of the training and a lot of what you have for what you need. I talk to my team all the time when we do things, and it has to be sustainable, maintainable and also adaptable. It has to be adaptable to the client because technology is the one thing that we have in business that will change. We know it will change. So, if you're rigid with whatever you're doing and not adapting, then you are already behind. I really like what this product does and what it stands for. We are a nonprofit, and until our use cases change, we are not using the product to its fullest potential. I do not use SASE yet. That is more for budgetary purposes. With the pandemic, our budget allocation has been a bit steep. Biggest lesson learnt: The different ways people can use data. Where they access and share it, then send it, do things, and respond. I understand now the need, more than ever, to evangelize. In the security industry, there's a saying, "Your weakest link is your end user." I tend to disagree now. The weakest link happens to be our security awareness training. How well are we doing there? Because if you train and teach, then things go a bit smoother. With everything that I know about Bitglass and working with the organization as a whole, such as, meeting the CEO on down through new folks, I would rate them a 10 out of 10. They have a fantastic culture and ethic when it comes to the customer first.
If I need something, they're there. Just this past week, we went to do an integration of the fifth application, but something happened, and we had to postpone it. Our deployment manager says, "No problem. I'm there." He didn't even wait for me to say what we were going to postpone it to. He just said, "Okay, I'm there." That puts me at ease. They have my back and are there to help.

SK
CTO at a financial services firm with 11-50 employees
Real User
2020-08-06T06:44:00Z
Aug 6, 2020

You should definitely look at Bitglass as part of your process. I think it's still best of class and I think there is a lot of innovation that's happening at Bitglass. In terms of a CASB, and in terms of this new product for SASE as well, they are the best in terms of the feature set that they're offering. As for maintenance, we've got one infrastructure engineer and part of his responsibilities is to look at the weekly logs for Bitglass to see if there are any unusual connections.

RR
Senior Security Engineer at a healthcare company with 10,001+ employees
Real User
2020-08-05T06:59:00Z
Aug 5, 2020

My advice is to listen to Bitglass when they tell you how to deploy it properly. That's one of the two main things I have learned from using this solution. The other is, when you deploy this, always — and I stress this greatly — always deploy the new app or new API in what's called Direct App Access. That means once the user is authenticated into Bitglass, regardless of whether it's an external IDP or you're using the simple, built-in IDP from Bitglass, Direct App Access sends you directly to whatever it is you're trying to access, with no proxy. Always deploy with that, and then select about 10 users for reverse proxy, as well as 10 users that will use reverse and forward proxy. I would recommend that those 20 users be power users, people who use those applications on a regular basis. Bitglass is pretty seamless and it integrates well. But if it's an application that it has never integrated with before, which a lot of our applications have been, there is always the possibility that Bitglass is going to have to make a change for that application. That is a lesson learned for us. We would take an application that they had never integrated with before and we would just slam all of the users into it. It could handle the scale; it scaled fine. But what would happen is that there are certain JavaScripts on the client-side that Bitglass wouldn't handle correctly. It's not a fault of Bitglass, it's just a difference in technology in the way that the product was developed. So we identify that there's a problem with those power users. We then take those users out of the proxies and allow it to stand Direct App Access. When you do it that way you don't have issues. They can investigate, they can figure out what the issue is, they address it, and they fix it. And then you can start easing the deployment out again. That's huge. The solution provides a single policy page to secure all of our interactions to the cloud, but not for on-prem. 
It's not really much of an on-prem solution. There are ways that you could do that, with firewalls. But Bitglass is really more of a cloud-based protection and it's not meant for on-prem devices. With that being said, there is a single policy page around Bitglass, but when it comes to each SaaS-based application or API, then each one of those has its single page of policy. So you have your policies for Bitglass itself, then you have your policies for each app or each API. Bitglass's approach which, for me, makes a lot of sense, is that every application is different. So it's hard to treat them all the same. We don't yet use the solution's SmartEdge Secure Web Gateway. We are currently in the process of talks for bringing that into our environment. I find a lot of appeal to it and there are a lot of things with that new SmartEdge that would be extremely beneficial to our organization. Overall, knowing what I know now, a year and two months later, and having been through this whole Bitglass deployment with the issues that we've had that were not Bitglass' fault, I would still choose the same product today. I would do it again, but I would listen to Bitglass more and I would change my deployment method.

Find out what your peers are saying about Bitglass, Skyhigh Security, Zscaler and others in Secure Web Gateways (SWG). Updated: November 2022.
655,774 professionals have used our research since 2012.
Related Questions
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Sep 7, 2020
Hi Everyone, What do you like most about Bitglass? Thanks for sharing your thoughts with the community!
2 out of 6 answers
RR
Senior Security Engineer at a healthcare company with 10,001+ employees
Aug 5, 2020
The solution is very good when it comes to securing us against data leakage, because of the other proxy. It also has API scanning or data at rest. It inspects data in motion, which is the proxy, and then it has the data at rest, which is the API scanning. We can inspect for anything we want: file fingerprinting, PHI-sensitive data, PCI-sensitive data. It does not matter. We can usually find it and block it in transit and do our remediation with it. It could either be block, encrypt, or allow and watermark the file to follow it and see where it goes. It allows for those different scenarios.
SK
CTO at a financial services firm with 11-50 employees
Aug 6, 2020
The core CASB solution is the most valuable part. It allows us to put policies in place around which devices can log into our cloud applications. We have a policy that states that only company devices can access these cloud applications.
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Sep 7, 2020
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 4 answers
RR
Senior Security Engineer at a healthcare company with 10,001+ employees
Aug 5, 2020
Their pricing is extremely fair. They need to make sure they pay attention to how the licensing works. There are many licensing methods. One way is the number of endpoint users you will have. And they license for every single application that you're going to put into the proxy system. They also have a few other types of licensing around CSPM, so there are many components. Bitglass didn't misrepresent their licensing structure in any way, but as a company we didn't really look at what it meant. Fortunately, we feel we got a really good deal with Bitglass and we got everything we need. We didn't have to go back and buy any additional licensing. However, if we had not just blindly gotten the right deal, we might have needed to go back and revisit the licensing structure with our account manager. We really didn't fully understand the way all the licensing worked until after the fact. Do your due diligence and make sure you understand. Don't over-buy your license and don't under-buy.
David Overton - PeerSpot reviewer
Sr. Director of Information Security & Enterprise Architecture at Childrens Home Society of Florida
Aug 26, 2020
There is training involved. If you're going to add more people to it, such as cross train more of your group, there's a cost. Other than that, that's it. We have paid exactly what the invoices have said. We signed a three-year contract and have not gone above it. Understand what it is you're paying for with a CASB. Do your homework and understand what your use cases will be, because you will pay based on use case. Always be wary of someone who comes in and just wants to cut prices. If they're going to lose to a competitor and just whack their price in half just to get the business. If it didn't match your needs based on what the product does in the beginning, you're going to be sorry. Know your use cases and purchase towards your use case. Make sure that you get a strategic business partner when it comes to your vendors.