<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">

Next-Gen CASB for AWS

protect S3 and custom cloud apps

Amazon Web Services is the dominant public cloud Infrastructure as a Service (IaaS) provider. While AWS provides some native security & compliance functionality, such as admin transaction logging, there are gaps. The Bitglass Cloud Access Security Broker (CASB) for AWS fills those gaps, providing identity management and SSO, contextual access control, and cross-application user behavior analytics.


limit risk by governing context

Bitglass enables you to assess the context of every session and to enforce risk appropriate levels of access. For example, you can prohibit a user from logging in and creating new S3 buckets when on an unmanaged device and outside of the corporate headquarters.
  • Control access from a variety of different contexts including managed vs unmanaged devices, locations, groups, and more.

encrypt or tokenize stored data

Among the top concerns for organizations adopting AWS is securing data-at-rest in S3 while making that data accessible to users when needed. Only Bitglass can effectively protect IaaS data lakes.  

  • Protect data in any storage format with full-strength 256-bit AES encryption or tokenization.
  • Define security levels to control which users can decrypt sensitive data.
  • Support for KIMP gives you control over your own encryption keys.

see across clouds

Many organizations have begun to adopt a cloud-first mentality, which means AWS is probably one of several cloud applications in use. Bitglass’ cross-application user behavior analytics identifies risky activities, not only within an app, but across applications. So you know when Joe is logging in to Salesforce and AWS at the same time from two different locations.
  • User behavior profiling gives deep insights into suspicious user activities within and across cloud applications.

  • Customizable alerts and response actions allow you to see and take immediate action on risky transactions.
protect data

operationalize identity best practices

Adopting public cloud services like AWS doesn’t mean that you need to abandon the identity best practices you’ve developed for internal applications. With Bitglass, integrate AWS with AD or with your existing IAM solutions, and layer in security features like step-up multifactor authentication when faced with risky transactions.
      • Flexible identity integration options including Active Directory Sync, integration with leading IAM providers like Okta and Ping, or leverage Bitglass’ native identity management system to simplify the picture even further.
      • Step-up to stronger authentication for high risk transactions and contexts, such as logins from new devices or geographies.
cloud solutions brief image

enable AWS security

Learn more about how Bitglass' cloud security solution can help your organization protect all AWS services.

download now