Likelihood to Recommend If you are considering BitSight Security Ratings as a portion or bulk of a larger vendor management project you will be well served in letting the risk scores be an indication of how closely you need to examine a vendor. However, you should not base your assessment solely on the risk score provided. The risk score is based on publicly available data and can be inaccurate.
Read full review Over the years, [in our experience], the maintenance of the Forcepoint Web Security solution proved to be more cumbersome and troublesome with each version upgrade. In addition, it did not transition well to support the large increase of remote workers. We also experienced weird incompatibilities with the client. We have since replaced this solution with Zscaler Internet Access, a cloud-based secure web gateway solution with a client that behaves as expected, is more flexible, and requires significantly less administration.
Read full review Pros Security hygiene tracking over time Understandable risk score based on observations Predictability model of potential cyber security issues based on security habits. Read full review It prevents users from accessing websites that may have recently been created for the purpose of distributing malware. It prevents users from accidentally or intentionally accessing websites that are considered inappropriate for a work environment. It allows us to create different policies for different teams in our organization. Read full review Cons Since data is based on public registration IP and domain data can be stale depending on ISP/Domain registration update delays. Correcting a false detection is a month-long endeavor and requires the company with the impacted score to clean up BitSight's data. Customer service for incorrect data is convoluted and requires a deep understanding of domain registration to correct the data. The responsibility for correcting data is placed solely on the customer's shoulders. Read full review The user access logs contain a lot of useless information. I understand this is very hard to tackle as I've seen this across any product that logs web activity. I would like to see more customization options of website block pages. Read full review Likelihood to Renew It is very stable, the organisation has "locked in" the product and has no plans to change or try another product. We have already renewed our 2019-2020 licenses. It is user friendly and people catch on easily when they first use it. The only downtime is when we install Microsoft updates! It has excellent reporting which help in determining how the organisation's Internet is used and also during both internal and external IT audits.
Read full review Usability Despite the intimidating Linux CLI when you use the appliance for troubleshooting, the web security usability compensates as most of the Administration of the system is done there. It is GUI based and has an easy to use UI where one can navigate around rather easily like getting reports, checking alerts, looking the whole setup under deployment to check if all services are running in one place though there are other parts to the system.
Read full review Support Rating The is a quick first response to acknowledge your issue and the Engineers never take more than two hours to fix an issue and we hardly get issues looking at the fact that the system is pretty stable. There is also a robust Knowledge Base in the site for known problems.
Read full review Implementation Rating Research known issues with upgrading from the Support Knowledge base, this will enable you avoid road blocks along the way and reduce your dependence on Forcepoint Support
Read full review Alternatives Considered BitSight Security Ratings ranks evenly with
SecurityScorecard and both below
OneTrust for our use case. We needed a platform that would let us define risk for our organization and weight scores differently based on data sensitivity. BitSight and
SecurityScorecard are aggregate data that can provide insight into the security habits of a potential vendor and should be considered as an addition to most vendor management projects. However, they both provide metrics based on hygiene and not on data-defined risk. In concert with a platform to evaluate risk based on data and to inform the overall evaluation of a vendor, BitSight Security Ratings can be made to shine. Just understand that you may have to validate some data.
Read full review To be honest, once using Forcepoint for our Web Security, I have not wanted to look anywhere else. The dashboard gives me quick insight of threats, productivity, and bandwidth usage. Again, this is a layer in my security and it fills many holes. I feel safe and I do like I can just let it do its thing
Read full review Return on Investment Wasted resource hours cleaning up data to correct erroneous risk score. Extra time spent addressing calls from clients about erroneous risk score data. Extra time validating risk score provided by BitSight Security Ratings for potential vendors to ensure valid data. Read full review Being a non-profit the cost is a bit higher than some competitors so our ROI takes a bit longer to recoup. I would really like to see better non-profit pricing. The ease of doing a report on someone cuts down on the IT man-hours to do website tracking for managers as we can do it from a central point whereas in the past (prior to Forcepoint/Websense) we would have to ghost their machine to look for activity as well as their local servers. Read full review ScreenShots