<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">

Next-Gen CASB for AWS

Protect S3 and Custom Cloud Apps

Amazon Web Services is the dominant public cloud Infrastructure as a Service (IaaS) provider. While AWS provides some native security & compliance functionality, such as admin transaction logging, there are gaps. The Bitglass Cloud Access Security Broker (CASB) for AWS fills those gaps, providing identity management and SSO, contextual access control, and cross-application user behavior analytics.


Zero-day Security for AWS

Native security controls from application vendors are inadequate for enterprises in regulated industries or those with valuable intellectual property. Bitglass enables you to enforce data security policies on SaaS and IaaS apps in real time, from any device. Moreover, Bitglass provides cross-app visibility, empowering you to discover suspicious and abnormal behavior. If a user accesses an app from LA, and then an hour later tries to access the same app from NYC, Bitglass can flag and prevent that login.
  • Limit risky behavior with customized access control policies. Prevent data leakage by controlling external sharing, and mobile download + sync.

  • Cloud encryption keeps sensitive data shielded from anyone outside your organization.
  • User behavior analytics ensure immediate response to suspicious activities and compromised credentials - across all of your cloud apps.  


Encrypt or Tokenize Stored Data


Among the top concerns for organizations adopting AWS is securing data-at-rest in S3 while making that data accessible to users when needed. Only Bitglass can effectively protect IaaS data lakes.  

  • Protect data in any storage format with full-strength 256-bit AES encryption or tokenization.
  • Define security levels to control which users can decrypt sensitive data.
  • Support for KIMP gives you control over your own encryption keys.

Advanced Threat Protection on any device

Cloud apps enable your users to be productive on any device anywhere, and your security solution needs to match. Bitglass' Next-Gen multi-protocol proxies enable Zero-Day threat protection of your data on any device.
Bitglass’ Advanced Threat Protection (ATP) powered by Cylance, blocks the spread of unknown and zero day attacks. Policies can be enforced in real-time on the proxy for uploads and downloads, or via API for data-at-rest in the cloud.
protect data

Operationalize Identity Best Practices


Adopting public cloud services like AWS doesn’t mean that you need to abandon the identity best practices you’ve developed for internal applications. With Bitglass, integrate AWS with AD or with your existing IAM solutions, and layer in security features like step-up multifactor authentication when faced with risky transactions.
      • Flexible identity integration options including Active Directory Sync, integration with leading IAM providers like Okta and Ping, or leverage Bitglass’ native identity management system to simplify the picture even further.
      • Step-up to stronger authentication for high risk transactions and contexts, such as logins from new devices or geographies.
cloud solutions brief image

enable AWS security

Learn more about how Bitglass' cloud security solution can help your organization protect all AWS services.

download now