Forcepoint ONE Reviews

The use case is around protecting data on BYOD devices where users can access any type of data.

It is overall a good solution for securing against data breaches and attacks, but there is no 100 percent guarantee in software. We feel that it is a pretty solid product for protecting data on the public cloud.

The solution’s AJAX-VM provides constant reverse proxy uptime. It has been very positive for our security operations. When people are trying to access the SaaS solution, it protects us from downloading any of that data and experiencing any type of attacks.

We mostly use it for CASB. It has a very light weight impact in that it doesn't really affect anything from an operations perspective. It is helping our monitoring, which results in better security, threat protection, or security posture.

When we have had enhancement requests, they have been able to fulfill those based on our changing needs. Therefore, we feel it's a pretty good solution.

Depending on the company, the data leak prevention or protection is the most valuable feature. DLP is the capability that we leverage. 

We leverage the impossible travel event type of capabilities and the reverse proxy capabilities. They protect and provide data protection, which basically help us with unauthorized access and protecting data on all transactions. This is important. These features focus on cloud applications, and that's where we use them.

We have tested and monitor how the solution secures us against data leakage. We feel that it is pretty good from that perspective.

Through their security portal, that is where we configure policies and any sort of security. This positively affects our security operations. We can go to one place and make the changes we need to, which saves time by providing easy access.

They need to mature the SmartEdge Secure Web Gateway (SASE) solution. It is still very early as a product based on industry standards.

Two years.

The stability is excellent. We have not seen any issues.

We have not seen any latency issues, whatsoever. It has been very seamless.

The solution's overall uptime is excellent.

The solution is pretty scalable. Right now, we have 12,000 end users on it. 

We do plan to increase usage by expanding the solution to five other applications. We find the solution to be integrable. 

Initially, we had some challenges that Bitglass resolved quickly. The challenges were around communication. There didn't seem like there was the right level of communication within the Bitglass organization. Once we brought the issues up at a higher level, then they were resolved.

We have found the technical support to be responsive. The turnaround time is within an hour or two.

At a previous organization, I used Netskope.

My current organization did not previously use another solution.

The initial setup was complex. We had special use cases, which needed to be addressed. There was a little more configuration needed for data protection.

The deployment took two months to get the resources design completed.

For the use cases that we had identified, we PoC the solution first as part of our evaluation criteria. When we saw the results from it, then we were able to move ahead with design and roll up.

We did the deployment ourselves with one architect and two engineers.

It is definitely providing us value.

We have our pricing by user. We do our pricing agreements annually. There are also additional costs for maintenance.

We also looked at Microsoft and McAfee's CASB: MVISION Cloud (formerly Skyhigh Networks). The biggest goal that we had with Bitglass was our use case was actualized on BYOD. We could not get those other solutions to really provide the level of protection we were looking for coming in from a BYOD device.

We have used competitive solutions that rely on private cloud architectures. Bitglass's uptime is very good in comparison. 

In comparison to Netskope, Bitglass has better ease of implementation. Also, Netskope was where they said the product was two years ago.

The product works, and their organization is pretty dynamic.

Get a very clear understanding of your use case before bringing the product in. That applies to all CASBs because there are different problems for different people. I feel like a lot of people think this type of solution can solve every problem. You have to figure out what problem you're going to solve, e.g., data protection or user access. From there, the idea is to jump in and bring it on.

This industry, as a landscape, is changing from a product perspective. I see CASB converging with other Zero Trust solutions. I am prepared to see evolution of this industry sector because of the changing cloud needs.

I would rate this solution as a seven out of a 10. SASA and some other things are a bit premature. As an organization, they have not been in business for a very long time. That comes with some level of challenges. We had an initial support challenge, which got resolved, but that kind of highlighted, as a software company, they're still maturing and productizing their product.

We use it for our cloud-based solutions. For instance, we use it for Office 365, Salesforce, and a couple of web applications that are cloud-based. It gives us an added layer of security with a little more visibility into those applications, as far as: who's logging in and who's not. It's kind of a firewall, in a sense. Since none of our business is really overseas, we don't really have employees or customers who should be logging in from outside of the United States. We just block any attempt that is coming in from offshore.

Another thing that it does, if people are not able to connect, then it gives us an easy view into why they may not be connecting. For instance, if their iPhone is not connecting, then sometimes we can see if they are entering the wrong password or something else. It has a little simpler navigation than what Office 365 gives us. It is also a little quicker to see login failures.

It has given us a more secure environment. If we weren't using their certificate and some of the other rule sets where we can verify their identity, we would probably not allow people to connect remotely unless they were coming through our VPN. 

We are able to see attempted connections and that sort of thing. 

We are able to verify what is getting saved out onto the cloud. It allows us to have some DLP rules, since we have to be HIPAA compliant. If some personal health information has been uploaded to Office 365, then we are able to detect that sort of thing and account for it. We have set up rules to prevent people from doing that. 

We can create rules to prevent people from copying things. We can see what sort of security rights are set up in SharePoint. We use a sort of combination of a native Office 365 rules set with Bitglass rules.

It has allowed us to have people working remotely during this pandemic so we can make sure they have valid certificates to connect to applications. If they don't have a valid certificate, then they can't connect.

The solution provides a single policy page to secure all of our interactions to the cloud and our on-premise resources. For example, there is a policy page where we go to define our policies. On that policy page, we have Office 365 and Salesforce policies.

I find the login features probably the most valuable. If somebody is having trouble logging into Office 365 or Salesforce, I can typically verify, "Yes, indeed. I see you're not able to connect." I can usually figure out why they're not connecting correctly, such as, putting in the wrong user ID or password. Or, they might not have a valid certificate to connect to those applications.

Identity simplifies our cloud security ops. It gives us a single pane of glass for our cloud-based apps. Because Office 365 tends to be slow to navigate though, this gives us quicker access. 

The initial login into Salesforce or Office 365 can be slow. However, once Bitglass has been established, it's not really noticeable.

They are improving their interface all the time, which is helpful. They have done some changes to make it simpler.

In our environment, when an Active Directory password changes, we tend to have some latency issues with access. It takes about 15 minutes before that password is accessible through Bitglass after the change. That would be the major thing I see as a negative.

The Active Directory password thing created a lot of negative feedback from our end user staff. As we move forward, we will probably have to evaluate that to see if it appears in other applications. At this point, we don't have any plans to discontinue it, but as we scale up, we will probably have that conversation.

Where I missed a step: I didn't provide enough training to our end user staff and system admin staff. This created some elements of frustration for them as they migrated to the cloud applications. The password synchronization piece seemed to be the big negative thing. When people can't log into an application, they get pretty uptight about it. That is probably my biggest misgiving.

The synchronization/password change issue is probably the most glaring problem that we have with it. Unfortunately, it's one that hits anybody who uses the product. Anytime their password changes, it becomes an issue.

About a year and a half.

The solution's overall uptime is excellent. We have never really had any downtime.

We don't really do much maintenance, because there's not a whole lot to maintain. Maintenance is pretty much done by a system administrator and me.

We only have about five applications that we are using. 

Our whole company is going through the solution, so there are about 170 users.

Their technical support is excellent, accessible, and quick to respond. There is very little delay. We are not waiting around to hear back from them because they are right on top of it. Therefore, I would give their support staff excellent reviews.

It seemed complex in terms of getting used to navigating the interface.

Our deployment took a bit longer because we were in the process of migrating to Office 365. I am not sure I can pin that on Bitglass, as we would have to contact them when we got a new set of users. A lot of that was us getting use to managing Bitglass. They held our hands for several months. I don't think it was because of Bitglass as much as the timing of implementing Office 365.

We were in the process of implementing Office 365 and Salesforce. This was chaotic, and not the best example of an organization going to the cloud, but we got through it.

With their support, onboarding it was excellent. They helped us through the entire process and were easily accessible when we needed them. Their support has been excellent.

It was a good solution at the time because I didn't feel Office 365 was giving us a very robust solution. They have gotten better. So, when our renewal comes up, we will have to evaluate if we want to continue with Bitglass or if we feel that Microsoft is giving us enough of a solution.

We did really evaluate other solutions. We wanted something that was cloud-based, not an appliance.

This solution was recommended by a couple of third-parties who were using it.

I would spend more time on the proof of concept than we did. We didn't really have the available applications to test it as robustly as we probably normally would have.

I would give the solution an eight out of 10. 

Bitglass allows us to leverage cloud applications with security. What that means for us is that, as our applications are moving from on-premise to the cloud, we can have security controls on who logs in, around when they log in, and what data they're accessing. That's what Bitglass allows us to do.

We're not using the proxies. We're only using it for the login policy management.

We can now allow people to access cloud apps on their laptops, safely and securely, when they're not in the office. It allows us to have more flexibility, working from home or remotely during COVID. This is a security platform that allows all that to happen. Without having Bitglass, our work from home strategy would be drastically different and our potential for productivity would be reduced.

The solution provides a single platform for CASB, web security, advanced threat protection, identity, data loss protection, and zero-trust network access. It does all that in one product. It's good because it allows us to adopt more and more cloud apps. It really gives us the flexibility to pursue any new technology that is going to benefit our organization and that is in the cloud.

Bitglass also provides a single policy page to secure all of our interactions to the cloud applications. It does not do it for on-prem, in our case. It could do so, but not the way that we have it configured. But for our cloud interactions, we have unifying policies; a single spot on the platform. From there, we can say, "This set of cloud applications needs to follow this policy." From that point, we can see which policies are being applied. So it's a single spot for policy management. It simplifies our security operations.

The core CASB solution is the most valuable part. It allows us to put policies in place around which devices can log into our cloud applications. We have a policy that states that only company devices can access these cloud applications. Our most sensitive data lives in our email, which is in the cloud, and in Slack, which is our messaging platform, and it lives in Box which has all of our files. The ability to access all of that, our critical data, has to be from a device that's company-issued so we know that the security level and the encryption level are up to a certain point.

It does a great job of securing us against data breaches and attacks. Prior to our moving over to Bitglass, we had one incident where someone's password was compromised. Whoever the hacker was, was able to log in and then send emails on behalf of this individual at our company. After we implemented the Bitglass solution in front of email, that scenario was no longer possible. They can't log in from a device that's not company-issued because now we have these policies set in place.

In terms of how the solution secures us against data leakage, their technology is good in the sense that it resides at the login point. That means that at the point that you're trying to get to the application, you need to fulfill a certain set of applications or a certain set of policies.

Their new SASE (secure access service edge) product would have been the one thing I would have requested. Now that they have that platform, I'd like to see it as integrated and seamless as possible with the core product. That's what they're working towards and that's where we're seeing the advancements.

I have been using Bitglass for over two years.

The solution's overall uptime is good. We haven't had downtime for Bitglass in production. 

For us, it's scalable. We have not seen any issues.

We've got a 50-user license for our company. The users are from across the company, and our adoption rate is 100 percent.

Their tech support is good. They're a 10 out of 10 in responsiveness and they're an eight out of 10 in getting the resolution, which usually involves code changes.

This is our first CASB solution. We went with Bitglass for the security of our cloud apps.

The setup is fairly straightforward. It's not perfectly straightforward because you need to understand how it integrates within your cloud apps. Once you have the connection, the identity providers, then setting up the policies is easy.

We ran deployment and testing for about a month before going live.

In terms of our implementation strategy, we had a separate instance of the cloud apps running in parallel to test out all the policies and to fine-tune all of our policies. Once that was complete, we used that on our production tenant.

We worked with an integrator called RFA, but we did most of the testing on our side.

We have absolutely seen return on our investment with Bitglass. From a cybersecurity standpoint, we have more controls. And from a productivity standpoint, we have more and more cloud apps that we have deployed, and that's really working in our favor.

We looked at Netskope and Skyhigh, but that was this two years ago so our comparisons are fairly outdated now. But at that time, Bitglass had the best SAML integration, which is the identification and integration services. That was the key for us as we were looking to connect into a lot of cloud applications.

You should definitely look at Bitglass as part of your process. I think it's still best of class and I think there is a lot of innovation that's happening at Bitglass. In terms of a CASB, and in terms of this new product for SASE as well, they are the best in terms of the feature set that they're offering.

As for maintenance, we've got one infrastructure engineer and part of his responsibilities is to look at the weekly logs for Bitglass to see if there are any unusual connections.

• Location proximity mapping
• Data type inventory
• Simple integration

It allows a window into who is sharing what types of data internally and externally. It allows us know where sensitive data is really stored and offers the ability to quarantine based on data types and sharing criteria.

• Reporting
• Simpler policy creation

I have used it for 16 months.

The cloud-based portal tends to get slow as the number of events increase.

The sales staff promised more than they can deliver, but the technical staff is excellent.

I did not previously use a different solution.

Initial setup was simple.

Negotiate for the pricing model that fits your budget. The vendor is willing to customize pricing.

Before choosing this product, we also evaluated CloudLock, CipherCloud and Skyhigh Networks.

Take your time and have each vendor set up an actual proof of concept, rather than just relying on a demo. Get your network and support staff engaged in the process early on because they will be instrumental in deployment and support. Know what you’re trying to accomplish.