Beverage Giant Secures Office 365 BYOD with Next-Gen CASB

Case Study

BYO devices are an important source of productivity for this S&P 500 beverage manufacturer. However, the enterprise had struggled to roll out BYOD security programs for its globally distributed workforce. Its IT team was concerned about the risk posed by the presence of corporate data on deprovisioned devices, and turned to MDM solutions in an attempt to solve this problem.

Initial deployments of MobileIron and then SAP Afaria had both proved to be challenging for the firm. After spending a considerable amount of time and money on these two solutions, the firm found itself in the unenviable position of its security solutions being adopted by fewer than ten users. Many employees had voiced concerns over the potential for privacy violations with the installation of corporate security software on their personal mobile devices. For the firm’s IT team, it proved impossible to install and configure MDM agents on thousands of devices, with the innumerable variations of OSs and devices types that are par for course with BYOD.

The firm’s CIO tasked his team with finding an alternative BYOD security solution – one that would be easier to deploy, and would allay employees’ concerns around privacy. The solution should work across migration from on-prem Exchange into Office 365. The firm eventually settled on Bitglass Cloud Access Security Broker Solution (CASB), choosing its BYOD security solution for two key reasons:

Bitglass’ agentless approach to data security meant that there was no software or certificates to install on employee’s devices. Users simply set up their apps of choice (as they normally would) and their devices were automatically configured to communicate with the Bitglass Omni Activesync proxy. This greatly reduced the burden of the deployment on the firm’s IT helpdesk. Bitglass automatically syncs with the firm’s ActiveDirectory, enabling straightforward and seamless user management. When users leave the firm and are removed from AD, their mobile devices are automatically wiped of corporate data, while all of their personal data is preserved. The firm’s team appreciated the frictionless process, which contrasted greatly with their previous laborious manual mobile deprovisioning process.

The agentless approach to mobile data security was less intrusive for employees and increased buyin with the security program. The fact that there was no potential for privacy encroachment, or device performance impact greatly aided the adoption of this BYOD security program, which was able to reach its full deployment goals within 3 weeks of the firm signing its contract with Bitglass.