Forcepoint Case Studies Payment Leader Achieves PCI Compliance with Next-Gen CASB

Edit This Case Study Record

	Payment Leader Achieves PCI Compliance with Next-Gen CASB Forcepoint

Payment Leader Achieves PCI Compliance with Next-Gen CASB

Forcepoint

Technology Category	Cybersecurity & Privacy - Cloud Security
Applicable Industries	Finance & Insurance
Applicable Functions	Business Operation
Use Cases	Cybersecurity
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services
Challenge	The payment and debit-card processing leader standardized on Google's G Suite, but struggled to achieve PCI compliance for its auditors. With a mix of regular employees and contractors, managed and BYOD mobiles and laptops, as well as a geographically distributed work force proved challenging when it came to achieving PCI compliance. The compliance team wanted to restrict contractors to browser access and only on the corporate network, whilst allowing regular employees full access on managed devices and corporate networks, but restricted access on BYOD. Read More
About Customer	The customer is a leader in payment and debit-card processing. They have a diverse workforce consisting of regular employees and contractors, who use a mix of managed and BYOD mobiles and laptops. The workforce is geographically distributed, adding to the complexity of their operations. The company had standardized on Google's G Suite but was struggling to achieve PCI compliance for its auditors. The compliance team had specific requirements for access control, wanting to restrict contractors to browser access and only on the corporate network, while allowing regular employees full access on managed devices and corporate networks, but restricted access on BYOD. Read More
Solution	Bitglass delivered a complete solution out of the box. The Bitglass solution included SAML single sign-on, so the customer terminated its contract with Okta and configured Bitglass to be the identity provider for G Suite. Installing the Bitglass AD sync agent automatically provisioned users on Bitglass mirroring user groups and privileges. Configuring WYSWIG access-control policies on the Bitglass console enforced the rules that were required for compliance. And Bitglass’s unique AJAX-VM technology meant that no agents or configuration or spoofed certificates were required on either managed or unmanaged laptops. Users simply logged into G Suite and were automatically redirected via the Bitglass proxy service. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Cloud Security

Applicable Industries

Finance & Insurance

Applicable Functions

Business Operation

Use Cases

Cybersecurity

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

Challenge

The payment and debit-card processing leader standardized on Google's G Suite, but struggled to achieve PCI compliance for its auditors. With a mix of regular employees and contractors, managed and BYOD mobiles and laptops, as well as a geographically distributed work force proved challenging when it came to achieving PCI compliance. The compliance team wanted to restrict contractors to browser access and only on the corporate network, whilst allowing regular employees full access on managed devices and corporate networks, but restricted access on BYOD.

About Customer

The customer is a leader in payment and debit-card processing. They have a diverse workforce consisting of regular employees and contractors, who use a mix of managed and BYOD mobiles and laptops. The workforce is geographically distributed, adding to the complexity of their operations. The company had standardized on Google's G Suite but was struggling to achieve PCI compliance for its auditors. The compliance team had specific requirements for access control, wanting to restrict contractors to browser access and only on the corporate network, while allowing regular employees full access on managed devices and corporate networks, but restricted access on BYOD.

Solution

Bitglass delivered a complete solution out of the box. The Bitglass solution included SAML single sign-on, so the customer terminated its contract with Okta and configured Bitglass to be the identity provider for G Suite. Installing the Bitglass AD sync agent automatically provisioned users on Bitglass mirroring user groups and privileges. Configuring WYSWIG access-control policies on the Bitglass console enforced the rules that were required for compliance. And Bitglass’s unique AJAX-VM technology meant that no agents or configuration or spoofed certificates were required on either managed or unmanaged laptops. Users simply logged into G Suite and were automatically redirected via the Bitglass proxy service.

Impact #1	The Bitglass solution provided a complete, out-of-the-box solution for the customer's compliance needs.
Impact #2	The solution included SAML single sign-on, eliminating the need for a separate contract with Okta.
Impact #3	The Bitglass AD sync agent automatically provisioned users on Bitglass, mirroring user groups and privileges.

Impact #1

The Bitglass solution provided a complete, out-of-the-box solution for the customer's compliance needs.

Impact #2

The solution included SAML single sign-on, eliminating the need for a separate contract with Okta.

Impact #3

The Bitglass AD sync agent automatically provisioned users on Bitglass, mirroring user groups and privileges.

Download PDF Version

Overview

Payment Leader Achieves PCI Compliance with Next-Gen CASB

Operational Impact