Today, businesses leverage a plethora of software programs to beautify productivity, growth collaboration and evolve their businesses. Some of those programs are IT authorized and are bought with a license via the agency at huge; as an example, Office 365, Slack, or Salesforce. These are called licensed, controlled, and sanctioned applications, but they all fall below the same app class (these titles may be used interchangeably).

In addition to the above, groups’ employees use unlicensed, unmanaged packages that their IT departments both do no longer recognize or approve of – that is referred to as shadow IT. Examples of shadow IT can encompass Facebook, Dropbox, and HighTail. Seldom do businesses have expertise approximately the protocols, compliance worries, or threats worried in the use of those unsanctioned programs. Consequently, as they may be an unknown quantity and are not sufficiently monitored or managed via IT, those apps constitute an street for data leakage and breaches.

How does Bitglass discover and provide manipulate for unsanctioned apps?

– In order to find out the unsanctioned apps used in company environments, we advise customers to carry out shadow IT discovery. This is achieved via importing firewall logs or putting in place a syslog forwarder to a cloud get entry to safety broking (CASB) like Bitglass.

– Bitglass then reviews the logs and gives targeted analytics on company statistics usage, together with the unsanctioned apps getting used.

– In addition to discovery, Bitglass gives clients the capacity to implement DLP guidelines on these unsanctioned apps, supporting mitigate threats and the chance of disclosures.

Some movements furnished through the Bitglass CASB to comfy unsanctioned apps are as follows:

1 Block: Blocks users from gaining access to the unsanctioned app.

2 Coach – Block: In addition to blocking off customers from accessing the unsanctioned app, it coaches them to use a sanctioned utility from the equal app class.

3 Coach – Allow – DLP: Taking the permissions a step similarly, we are able to perform DLP movements on unsanctioned programs, offering numerous ranges of statistics get right of entry to and preventing facts leakage.


Bitglass also provides an agentless opposite proxy deployment that leverages integration with unmarried sign-on (SSO) providers like Okta. When a user logs into any application through single sign-on, the visitors are then prompt thru Bitglass for actual-time visibility and manipulate.

What is Bitglass’ recommended safety approach?

– Secure primary SaaS apps: More than ninety-five % of company information resides in sanctioned packages. Organizations know that the enormous majority in their facts lies within not unusual applications like Office 365, G Suite, and others. As a cloud access protection broking, we strongly urge all organizations to look for inline safety of these sanctioned SaaS apps.

– Shadow IT discovery: Next, we advocate you perform shadow IT discovery to benefit visibility into the unsanctioned programs being used by employees without IT’s expertise.

– Long tail SaaS: After securing major SaaS apps and identifying shadow IT, you may upload inline safety to provide safe utilization of these unsanctioned applications.

In the above way, you could rest assured that your facts safety priorities are being sorted in the precise order.

Want to look Bitglass in motion? Request an unfastened demo.