Bitglass recently hit its 5 year anniversary as a company. So much has happened during those 5 years that it seems like nothing is the same. Our team has grown by >20x. We gone from zero to hundreds of customers, across every major vertical. We expanded from one country to more than 12. We witnessed Microsoft come out of nowhere with Office 365 and demolish Google's G Suite, which had a commanding early lead in cloud productivity. We learned that our product category would become known as Cloud Access Security Brokers (CASBs). We burned through what seems like dozens of small kitchen appliances - coffee makers, toaster ovens, microwaves, etc.
When one hits a significant milestone like this, it's tempting to look back in time to see how far you've come. With that in mind, I went back and re-read the first couple of Bitglass blog posts, curious to see how far we've deviated from our humble beginnings.
Our very first blog post, Your Data Has Left the Building, published September 6, 2013, remains remarkably accurate, and the direction outlined there continues to inform our mission to this day. Some excerpts:
- "Bitglass was founded to address the data security problems that arise at the intersection of cloud and mobile."
The intersection of cloud and mobile continues to differentiate Bitglass against our competition in the CASB space. Cloud security begins as a relatively contained problem - protecting data-at-rest in cloud applications. Once your organization begins using those cloud apps, however, the problem gets thorny. Employees bring both managed and unmanaged devices, synchronizing and downloading data across a broad range of access methods. Very quickly your contained cloud data protection problem becomes as much, if not more, about mobile data protection. Summary? If your CASB can't protect mobile, it's not really providing much security value.
- "Bitglass provides transparent data security, anywhere."
At the time, developing a security solution that was transparent to employees, honored their privacy, and preserved their user experience was novel, but not necessarily a requirement. Most security professionals were still of the mind that they could say no to "risky" requests from employees and from the business. Five years later and this is no longer the case - security professionals view their world from the perspective of enablement, and recognize that intrusive security forces users to find their own IT solutions, a poor outcome for all involved.
- "Any user, any device, any application"
Early CASB projects and use cases revolved around a small set of SaaS applications. Office 365 lead the charge, but from 2014-2016, around 10 or 12 apps represented the overwhelming majority of CASB use cases. That said, we've believed from the beginning that once cloud got a foothold in the enterprise, it would spread like a virus (not to be confused with viruses spreading in your cloud applications, which Bitglass is happy to remediate for you via its' Advanced Threat Protection offering). Bitglass' Zero-Day CASB Core represents the culmination of five years' engineering effort towards delivering on our early vision of protecting any application without requiring special development. This flexibility gives our customers the confidence that they can support their evolving cloud footprint, regardless of where their business takes it.
- "Delivered transparently from the network, with no changes to applications or to devices"
Agentless, agentless, agentless! It was the most difficult path to take. It required fresh, innovative thinking and new technology, such as our AJAX-VM. But at the end of the day, we are the only CASB that has been able to make an agentless architecture that works. This means real-time inline protection on any device, including BYOD. It means no changes to managed devices or to network components like Secure Web Gateways. But most importantly, it means that our customers deploy quickly, and prove value immediately, even across organizations with hundreds of thousands of users.
Looking back, a lot has definitely changed. But the core of what we do - the mission we set out to accomplish - continues to drive sustained innovation and a drive towards getting our customers deployed and happy.