This company has long been the investment and asset manager of choice for large organizations and high-net-worth individuals in the US and around the globe. The firm has over 6,000 employees. As part of a technology upgrade program, the firm was poised to rapidly deploy Salesforce and Office 365 throughout the organization. The firm was looking for a cloud security solution that could be quickly deployed in concert with this rollout. Given the high profile nature of its clientele, the complete assurance of data privacy was of highest importance to the organization.
The firm wanted to maintain sole control of its data – it didn’t feel comfortable with cloud vendors having any visibility into customer information. The firm’s security architecture and risk teams set out to find a solution that would help enable secure cloud application usage. For Salesforce specifically, they wanted an encryption solution that maintained data security while enabling full application functionality, including search, reporting, and the firm’s Salesforce customizations and third-party integrations. Consequently, the firm evaluated every CASB offering in the market.
It tested Bitglass’ cloud encryption against Salesforce’s Platform Encryption product. Some key differentiators emerged in testing. Bitglass’ solution offered more complete encryption of data in Salesforce, providing broad protection of different data types. Bitglass also supported greater levels of application functionality than did Platform Encryption, including sort and complete API queries. Moreover, the firm found Bitglass’ encryption to be more secure by allowing for total customer control over data encryption keys. This contrasted with the Platform Encryption approach, which requires application-generated keys that reside in memory, increasing risk from data breaches. Bitglass’ architecture creates a system of dual control, greatly raising the overall security of data.
With regard to Office 365 security, the firm was looking to govern flows of sensitive financial and client data across the entire suite--with a particular focus on SharePoint and Yammer. The firm valued Bitglass’ ability to detect and remediate PII and PIFI in real time via masking, blocking, or encryption.
In addition to the above, the firm wanted to empower employees to use BYOD while protecting corporate data. The firm found Bitglass’ agentless CASB deployment mode to be unique in its ability to secure data flowing upstream and downstream from unmanaged devices. Additionally, the firm valued Bitglass' ability to find risky outbound data flows from its networks to malware hosts and shadow IT.
“In comparing the leading CASB offerings, we found that only Bitglass delivers a complete security solution for cloud and mobile with real-time, inline data protection on any device. Furthermore, their unique, patented, searchable encryption technology makes it possible for us to securely adopt Salesforce.com.”
- CISO, Financial Services Firm