Total cloud security

Bitglass’ Total Cloud Security Platform is the only secure access service edge offering that combines a Gartner-MQ-Leading cloud access security broker, the world’s only on-device secure web gateway, and zero trust network access to secure any interaction. With the Bitglass and CrowdStrike® integration, malware can be blocked automatically across the cloud, the web, and the network – at upload, at download, and at rest. Uniquely, Bitglass’ agent-less CASB and ZTNA solutions can leverage this integration to prevent malware uploads stemming from unmanaged devices without the need for any software installations.

1. 01

   Agentless control of managed apps

   Bitglass multi-mode CASB lets you apply contextual access control, data leakage prevention (DLP), and advanced threat protection (ATP) to any managed SaaS app without an agent on the user device. This includes DLP and ATP applied to files during upload and download. In addition, for many SaaS apps, the CASB can scan data at rest in the cloud for DLP enforcement and ATP. Detection of sensitive data is facilitated by pre-built data patterns and the ability for the administrator to create custom patterns using advanced regex, exact data match, and file fingerprinting. Remediation actions include block, quarantine, encrypt, renounce public sharing, apply DRM, and file watermarking with file tracking.

2. 02

   SmartEdge secure web gateway

   SmartEdge Secure Web Gateway (SWG) is an agent that installs on Windows and Mac OS and allows central control of all managed and unmanaged apps on the device. It also monitors access to all web traffic. It can report back discovery of new unmanaged apps access (shadow IT) and block access to sanctioned apps by category. The Bitglass SWG is unique in the industry because it limits the amount of data that has to pass through a cloud-based control point thus minimizing latency. This is supported by decrypting web traffic on the device and not requiring all traffic to be routed through an inspection point in the cloud. The SWG can enforce DLP and ATP for both data upload and download for both managed and unmanaged apps.

3. 03

   Zero trust network access

   Bitglass ZeroTrust Network Access (ZTNA) extends the ability to control managed public SaaS applications to privately hosted web apps without need for an on-device agent. The same contextual access controls, DLP enforcement, and ATP policies used for managed public SaaS apps can be applied to your private web apps running on-premises or in your private cloud instance. This connectivity is facilitated by a tunnel set up between your private data center and a nearby Bitglass point of presence in AWS. And for privately hosted apps that rely on the SSH or RDP protocols, Bitglass can enforce contextual access control using our SmartEdge agent technology.