Next-Gen CASB vs First-Gen CASB

This post was originally published here by Ā Nat Kausik.

Recently, Bitglass was selected at a Fortune 100 financial services company for their CASB platform.Ā  During the course of the competitive process, we learned some interesting things about the CASB market.Ā 

First-Gen CASB fall into two categories.Ā  Ā 

  • Out-of-band CASB that deliver API control and Shadow IT Discovery, i.e. management capabilities for cleaning up after high-risk events.Ā  Being out-of-band, such CASB can be deployed rapidly without impact on end-users.
  • Inline CASB with forward-proxy architectures that require agents on every device.Ā  While such CASB can provide real-time security, they are nearly impossible to deploy outside the laboratory.Ā  Ā  There are many enterprises who have purchased such CASB and only have a handful of users deployed after a year or more of trying.Ā Ā 

In other words, First-Gen CASB deliver weak out-of-band security that is deployable, or offer strong inline security that is undeployable.Ā  Ā Neither choice is satisfying if you are Fortune 100 financial services company.Ā Ā 

Bitglass is the only Next-Gen CASB, built on a hybrid agent/agentless architecture.Ā  Ā Our largest customers with over 100K users deployed inline security in weeks and have been in continuous production for over several years.

Photo:TechCrunch

Ad

No posts to display