This post was originally published here by Nat Kausik.
Recently, Bitglass was selected at a Fortune 100 financial services company for their CASB platform. During the course of the competitive process, we learned some interesting things about the CASB market.
First-Gen CASB fall into two categories.
- Out-of-band CASB that deliver API control and Shadow IT Discovery, i.e. management capabilities for cleaning up after high-risk events. Being out-of-band, such CASB can be deployed rapidly without impact on end-users.
- Inline CASB with forward-proxy architectures that require agents on every device. While such CASB can provide real-time security, they are nearly impossible to deploy outside the laboratory. There are many enterprises who have purchased such CASB and only have a handful of users deployed after a year or more of trying.
In other words, First-Gen CASB deliver weak out-of-band security that is deployable, or offer strong inline security that is undeployable. Neither choice is satisfying if you are Fortune 100 financial services company.
Bitglass is the only Next-Gen CASB, built on a hybrid agent/agentless architecture. Our largest customers with over 100K users deployed inline security in weeks and have been in continuous production for over several years.
Photo:TechCrunch
