Regional Solutions Manager Sub Saharan Africa at Infodata Professional Services Limited
Real User
Top 5
2023-02-24T14:45:08Z
Feb 24, 2023
Bitglass integration with some IDP providers needs improvement. Currently, the solution is not compatible with Azure AD for third-party authentication. The fraud proxy in the SmartEdge agent is not compatible with Forcepoint DLP or a web hybrid agent. I would like the developers to consolidate multiple agents across systems for better integration.
Vice President, Corporate Information Security & Chief Security Officer at Ricoh Americas
Real User
2020-09-01T05:25:00Z
Sep 1, 2020
A few minor items for consideration: * Enhanced reporting ( e.g. a report to find out how many users are in specific Bitglass group). * MFA Enhancement: Perhaps adding an MFA Application.
Cyber Security Officer at a insurance company with 51-200 employees
Real User
2020-08-30T08:33:00Z
Aug 30, 2020
In our environment, when an Active Directory password changes, we tend to have some latency issues with access. It takes about 15 minutes before that password is accessible through Bitglass after the change. That would be the major thing I see as a negative. The Active Directory password thing created a lot of negative feedback from our end user staff. As we move forward, we will probably have to evaluate that to see if it appears in other applications. At this point, we don't have any plans to discontinue it, but as we scale up, we will probably have that conversation. Where I missed a step: I didn't provide enough training to our end user staff and system admin staff. This created some elements of frustration for them as they migrated to the cloud applications. The password synchronization piece seemed to be the big negative thing. When people can't log into an application, they get pretty uptight about it. That is probably my biggest misgiving. The synchronization/password change issue is probably the most glaring problem that we have with it. Unfortunately, it's one that hits anybody who uses the product. Anytime their password changes, it becomes an issue.
Sr. Director of Information Security & Enterprise Architecture at Childrens Home Society of Florida
Real User
2020-08-26T05:42:00Z
Aug 26, 2020
Integration into different multi-factor authentication tools. On their page, they tout Duo, but I don't use Duo. I use another vendor. Not that they don't interact, but it takes a little bit more doing. Any amount of efficiencies here would help. The one area of improvement that I would suggest: Integrating to some on-prem things, like Active Directory. That would be helpful, but then I would need to have a third-party piece to do things automatically, not manually.
CTO at a financial services firm with 11-50 employees
Real User
2020-08-06T06:44:00Z
Aug 6, 2020
Their new SASE (secure access service edge) product would have been the one thing I would have requested. Now that they have that platform, I'd like to see it as integrated and seamless as possible with the core product. That's what they're working towards and that's where we're seeing the advancements.
Senior Security Engineer at a healthcare company with 10,001+ employees
Real User
2020-08-05T06:59:00Z
Aug 5, 2020
I wish they would advance more into the endpoint DLP solution. Currently they do not do anything around endpoint, they're still strictly cloud-based. The forward proxy is really the only thing they do. What I would like to see them do is to scan machines, workstations and servers, for information we might not want on those machines. That would be huge. We have to consider the fact that that's not really their arena, but I think if they would come into that arena, they would open themselves to providing a more complete solution.
Senior Security Engineer at a healthcare company with 10,001+ employees
Aug 5, 2020
The solution is very good when it comes to securing us against data leakage, because of the other proxy. It also has API scanning or data at rest. It inspects data in motion, which is the proxy, and then it has the data at rest, which is the API scanning. We can inspect for anything we want: file fingerprinting, PHI-sensitive data, PCI-sensitive data. It does not matter. We can usually find it and block it in transit and do our remediation with it. It could either be block, encrypt, or allow and watermark the file to follow it and see where it goes. It allows for those different scenarios.
CTO at a financial services firm with 11-50 employees
Aug 6, 2020
The core CASB solution is the most valuable part. It allows us to put policies in place around which devices can log into our cloud applications. We have a policy that states that only company devices can access these cloud applications.
Senior Security Engineer at a healthcare company with 10,001+ employees
Aug 5, 2020
Their pricing is extremely fair. They need to make sure they pay attention to how the licensing works. There are many licensing methods. One way is the number of endpoint users you will have. And they license for every single application that you're going to put into the proxy system. They also have a few other types of licensing around CSPM, so there are many components. Bitglass didn't misrepresent their licensing structure in any way, but as a company we didn't really look at what it meant. Fortunately, we feel we got a really good deal with Bitglass and we got everything we need. We didn't have to go back and buy any additional licensing. However, if we had not just blindly gotten the right deal, we might have needed to go back and revisit the licensing structure with our account manager. We really didn't fully understand the way all the licensing worked until after the fact. Do your due diligence and make sure you understand. Don't over-buy your license and don't under-buy.
Sr. Director of Information Security & Enterprise Architecture at Childrens Home Society of Florida
Aug 26, 2020
There is training involved. If you're going to add more people to it, such as cross train more of your group, there's a cost. Other than that, that's it. We have paid exactly what the invoices have said. We signed a three-year contract and not gone above it. Understand what it is you're paying for with a CASB. Do your homework and understand what your use cases will be, because you will pay based on use case. Always be weary of someone who comes in and just wants to cut prices. If they're going to lose to a competitor and just whacks their price in half just to get the business. If it didn't match your needs based on what the product does in the beginning, you're going to be sorry. Know your use cases and purchase towards your use case. Make sure that you get a strategic business partner when it comes to your vendors.
Download our free Secure Web Gateways (SWG) Report and find out what your peers are saying about Bitglass, Skyhigh Security, Zscaler, and more! Updated: March 2023.
Bitglass integration with some IDP providers needs improvement. Currently, the solution is not compatible with Azure AD for third-party authentication. The fraud proxy in the SmartEdge agent is not compatible with Forcepoint DLP or a web hybrid agent. I would like the developers to consolidate multiple agents across systems for better integration.
They need to mature the SmartEdge Secure Web Gateway (SASE) solution. It is still very early as a product based on industry standards.
A few minor items for consideration: * Enhanced reporting ( e.g. a report to find out how many users are in specific Bitglass group). * MFA Enhancement: Perhaps adding an MFA Application.
In our environment, when an Active Directory password changes, we tend to have some latency issues with access. It takes about 15 minutes before that password is accessible through Bitglass after the change. That would be the major thing I see as a negative. The Active Directory password thing created a lot of negative feedback from our end user staff. As we move forward, we will probably have to evaluate that to see if it appears in other applications. At this point, we don't have any plans to discontinue it, but as we scale up, we will probably have that conversation. Where I missed a step: I didn't provide enough training to our end user staff and system admin staff. This created some elements of frustration for them as they migrated to the cloud applications. The password synchronization piece seemed to be the big negative thing. When people can't log into an application, they get pretty uptight about it. That is probably my biggest misgiving. The synchronization/password change issue is probably the most glaring problem that we have with it. Unfortunately, it's one that hits anybody who uses the product. Anytime their password changes, it becomes an issue.
Integration into different multi-factor authentication tools. On their page, they tout Duo, but I don't use Duo. I use another vendor. Not that they don't interact, but it takes a little bit more doing. Any amount of efficiencies here would help. The one area of improvement that I would suggest: Integrating to some on-prem things, like Active Directory. That would be helpful, but then I would need to have a third-party piece to do things automatically, not manually.
Their new SASE (secure access service edge) product would have been the one thing I would have requested. Now that they have that platform, I'd like to see it as integrated and seamless as possible with the core product. That's what they're working towards and that's where we're seeing the advancements.
I wish they would advance more into the endpoint DLP solution. Currently they do not do anything around endpoint, they're still strictly cloud-based. The forward proxy is really the only thing they do. What I would like to see them do is to scan machines, workstations and servers, for information we might not want on those machines. That would be huge. We have to consider the fact that that's not really their arena, but I think if they would come into that arena, they would open themselves to providing a more complete solution.