Global 2000 Electronics Giant Secures Office 365 with Next-Gen CASB

Case Study

Based in Japan, this Global 2000 manufacturing firm has over 100,000 employees in over 200 countries. The firm was looking to fully transition its global employees to a SaaS productivity suite. The firm’s IT team chose Office 365, but the CISO blocked deployment until independent security controls were delivered by a CASB platform. The firm’s existing security architecture is a heterogenous mix of equipment, including next-gen firewall appliances, secure web gateways from Bluecoat and Symantec DLP appliances. This network-level security architecture was inadequate for protecting data in the cloud and allowing for access on any device.

With the firm’s Office 365 productivity suite initiative set to rollout rapidly throughout the company, its enterprise security architecture team evaluated Cloud Access Security Broker solutions to enable secure cloud usage. Of particular concern was protecting corporate data and acess from any device, laptop or mobile. Specifically, the security team wanted to permit synchronization apps, like OneDrive and Outlook, only on company owned devices, while restricting access on unmanaged devices.  The firm also wanted to encourage BYO devices, without the management overhead of MDM. The native Office 365 security controls did not provide an adequate level of data protection, especially in the case of data access by unmanaged devices.

In its search for a solution, the firm conducted trials of Bitglass and two other major CASB vendors. In these trials, the IT security team ran the CASB solutions through a gamut of use cases – access control, discovery, API, and managed/unmanaged device access and mobile security.

The firm ultimately chose Bitglass thanks to its unique ability to provide Zero-Day protection on any device. The firm’s security architecture team concluded that API-only approaches were not sufficient for complete Office 365 data protection. The team favored the agentless, Zero-Day, inline data security enabled by Bitglass’ hybrid architecture to the agent-based alternatives. The ability of Bitglass’ unique technologies – reverse proxy and AJAX-VM as well as ActiveSync proxy – to secure sensitive data on unmanaged devices and BYOD was key. Additionally, Bitglass' native DLP engine handled all languages with ease, including those with double-byte characters, offering a clear system performance advantage over the external DLP via ICAP required by competing CASBs.

Zero-Day CASB security.  No software required.

“In comparing the leading CASB solutions, we found that only Bitglass delivers a complete security solution for cloud and mobile with Zero-Day inline data protection in the cloud, at access, and on any device. And their mobile security alternative to MDM is a must have at any global corporation”

– CISO, G2000 Electronics Giant