| Bitglass | Other CASBs | |
| Architecture |
Bitglass' multi-protocol proxy architecture provides inline, real-time protection from any device: HTTP forward and reverse proxy with AJAX-VM ActiveSync proxy API-integration SAML SSO proxy |
Limited – API and/or Forward Proxy only |
| Unmanaged Device Access | Agentless, restricted access from managed and unmanaged devices. | Restricted access via agents from managed devices only |
| Contextual Access Control | Control access by user, device, location and data. | Varies |
| Data Leakage Prevention | Integrated, high-performance cloud DLP engine with pre-built and custom DLP policies for maximum flexibility | Low performance integration with premises-DLP |
| Cloud Encryption |
Harbor |
Encryption strength weakened to preserve application functionality |
| Flexible Remediation | Dynamically apply remediation actions including watermarking/tracking, file encryption, digital rights management, quarantine, share removal, notification, redaction and blocking | Limited |
| Mobile Data Protection | Selective-wipe, device encryption, device PIN, device audit, no agent, any device | N/A |
| Identity | Integrated identity management with AD synchronization and contextual multi-factor authentication enhances or replaces third party IAM | Requires 3rd party IAM |
| Usability | No changes to user experience and no software or agents to deploy – any browser, any device, any application | Works only on managed devices with installed agent software |
| Extensibility | All of the above supported on leading SaaS apps. | Varies |
| Deployment | Available as globally-hosted, infinite scale SaaS solution or as premises-based software | Rigid proprietary data center deployments or hardware appliances |
| Low Overhead | Deployed in minutes with no software to deploy on your network or devices | Painful, legacy deployment requiring software/hardware installs on premises and on both managed and unmanaged devices |