Financial Services Giant secures Office 365
& Salesforce with Next-Gen CASB

Case Study

This company has long been the investment and asset manager of choice for large organizations and high net worth individuals in the US and around the globe. The firm has over 6000 employees. As part of a technology upgrade program, the firm was poised to rapidly deploy Salesforce and Office 365 throughout the organization. The firm was looking for a cloud security solution that could be quickly deployed in concert with this rollout. Given the high profile nature of its clientele, the complete assurance of data privacy is of highest importance to the organization.

The firm wanted to maintain sole control of its data – it didn’t feel comfortable with cloud vendors having any visibility into customer information. The firm’s security architecture and risk teams set out to find a security solution that would help enable secure cloud application usage. For Salesforce specifically, they wanted an encryption solution that maintained integrity of data security while enabling full application functionality including search, reporting, and the firm’s Salesforce customizations and third party integrations. The firm evaluated every CASB in the market. It tested Bitglass’ cloud encryption against Salesforce’s Platform Encryption product. Some key differentiators emerged in testing. Bitglass’ solution offered more complete encryption of data in Salesforce, providing broad protection of different data types. Bitglass supported greater levels of application functionality than did Platform Encryption, including sort and complete API queries. Moreover, the firm found Bitglass’ encryption to be more secure by allowing for total customer control over data encryption keys. This contrasted with the Platform Encryption approach, which requires application-generated keys that reside in memory, increasing risk from data breaches. Bitglass’ architecture creates a system of dual control, greatly raising the overall security of data.

With regard to Office 365 security, the firm was looking to govern flows of sensitive financial and client data across the entire suite, but most importantly in Sharepoint and Yammer. The firm valued Bitglass’ ability to detect and variably remediate PII and PIFI in real time via masking, blocking, or encryption. Additionally, the firm wanted to empower employees to use BYOD while protecting corporate data. The firm found Bitglass’ agentless data protection to be unique in its ability to secure data flowing upstream and downstream from unmanaged devices. Additionally, the firm valued the ability of Bitglass’ Discovery solution to find risky outbound data flows from its networks to malware hosts and Shadow IT.

“In comparing the leading CASB solutions, we found that only Bitglass delivers a complete security solution for cloud and mobile with real-time inline data protection from any device – laptops or mobile. Furthermore, their unique patented searchable encryption technology makes it possible for us to securely adopt”

- CISO, Financial Services Firm