Catholic Healthcare Giant Secures Office 365 with Next-Gen CASB

Case Study

This healthcare system is a national, not-for-profit healthcare organization serving patients throughout the United States with over 150,000 employees and thousands of affiliated care providers and physicians.

The system needed a solution for data security and HIPAA compliance across Office 365, accessible from a range of managed and unmanaged end-user devices. They recognized the need to comply with complex federal regulations including HIPAA for protected health information (PHI), PCI-DSS for billing information, and local state regulations around personally identifiable information (PII).  As an organization with a complex network of physicians, member hospitals, and wide-ranging services, protecting data on all devices, was of great concern.

They needed a security solution that could control the flow of PHI, PII and PCI in the cloud, at access and on any device, managed or unmanaged. They first contemplated adopting a separate single sign-on (SSO) solution and relying on Microsoft's native security in Office 365. Unfortunately, Microsoft's built-in components lacked real-time data & threat protection. Since the system is a conglomerate of sister institutions, each with different domains and ActiveDirectory trees, third party cloud identity providers also fell short.  

After researching data protection solutions, the system chose Bitglass for its unique, agentless Next-Gen Cloud Access Security Broker (CASB) with integrated SAML SSO. With Bitglass, they were able to rapidly achieve security and compliance for Office 365 and ServiceNow, across any device, without the need for agents on endpoints. Furthermore, Bitglass’ Next-Gen architecture delivered Zero-Day protection, future proofing security for the organization's evolving cloud footprint. 

Bitglass' Next-Gen CASB delivers visibility, compliance, identity and access control at cloud scale. They also define granular data loss prevention (DLP) policies and prevent unauthorized access in compliance with HIPAA. Bitglass earned this organization’s trust because of its unique Next-Gen capabilities of rapid deployment and Zero-Day protection, integrated mobile data protection and SSO, and easy-to-deploy agentless architecture.

“Bitglass is the only CASB that delivers an integrated SSO and CASB solution. Their innovations in machine-learning, and their agentless architecture enabled rapid deployment.”

–CISO,  Catholic Health Giant