Payment Leader Achieves PCI Compliance with Bitglass

Case Study

This payment and debit-card processing leader standardized on Google's G Suite, but struggled to achieve PCI compliance for its auditors.

With a mix of regular employees and contractors, managed and BYOD mobiles and laptops, and a geographically distributed workforce, achieving PCI compliance proved challenging. The compliance team wanted to restrict contractors to browser access, and only on the corporate network. Regular employees were to have full access on managed devices and corporate networks, with restricted access on BYOD.

Bitglass delivered a complete solution out of the box. Bitglass' multi-mode cloud access security broker (CASB) included SAML single sign-on, so the customer terminated its contract with Okta and configured Bitglass to be the identity provider for G Suite. Installing the Bitglass AD sync agent automatically provisioned users on Bitglass, mirroring user groups and privileges. Configuring WYSIWYG access-control policies on the Bitglass console enforced the rules that were required for compliance. Additionally, Bitglass' unique AJAX-VM technology meant that no agents, configuration, or spoofed certificates were required on either managed or unmanaged laptops. Users simply logged into G Suite and were automatically redirected via the Bitglass proxy. A particular advantage for the BYO devices was that no software installations were required. Bitglass has high-availability fail-over and geographic load balancing.

“Bitglass uniquely delivers a comprehensive security solution that automatically segments, tracks & secures sensitive data in the cloud, at access, and on any device. And their support is superb!”

— CIO, Payment Processor