PRIVACY & PERSONAL DATA PROTECTION IS A DEFINING 21st CENTURY BUSINESS ISSUE BigID was started to help organizations address emerging personal data security, privacy and governance challenges. BigID is the first technology to take a privacy or identity centric approach to solving personal data insecurity.
The Challenge of Privacy & GDPR Compliance Petabytes of Data Structured, Unstructured, + Personal Data Rights Find PI Vs PII Continuous Compliance Understanding Data Risk Residency Context Bridge IT & Business BigID takes a completely fresh approach to personal data protection and privacy by putting the person at the center of how it finds, secures and governs personal data. Traditional DLP, DRM, DAM, ETL technologies rely on RegX classifiers. This worked ok for well structured PII like PCI data but breaks down for privacy use cases that require you to find PI and not just PII, look across all kinds of data and not just files or databases, and automatically index data by person.
BigID Redefines Personal Data Protection & Privacy Find PI not Just PII Inventory & Map Data By Identity De-risk & De-identify Operationalize GDPR & Privacy BigID is the first data protection solution to take a privacy or personal perspective to protecting personal data. BigID is the first company to help organizations find PI and not just PII Inventory and map the data by person, residency, data type etc Measure data and privacy risk in an actionable way Operationalize privacy requirements like data subject rights (like right-to-be-forgotten), data processing record keeping, consent tracking, breach notification by state and country etc
BigID Addresses Hardest GDPR Data Problems EU GDPR Alone Can Cost Companies Over 4% of Revenue. Personal Data Rights (Right-to-be-forgotten etc) Article 30 Data Processing Record Keeping Privacy Risk Assessment 72 Hour Breach Notification Data Consent Tracking BigID is not a GRC solution. We provide a data-driven way to address data specific GDPR protection and privacy requirements These include: Satisfying personal data rights like right to access, port, rectify and erase one’s data Satisfy Article 30 record keeping requirements for data processing Measure and de-risk privacy risk Provide targeted breach response by residency of those impacted Correlate existing consent logs with people for easier management
Inventory & Map Personal Data Use Case: Inventory & Map Personal Data Automatically inventory personal data by type, residency, person, data source, application, ... Figuring out what you have is the first step to good security. Personal data is the most critical digital asset a company has. There are no effective ways for inventorying and mapping it. BigID does this without copying or duplicating the data. Data stays put.
GDPR Data Subject Rights Automation Use Case: GDPR Data Subject Rights Automation Patent-pending Correlation Automatically Indexes Data By Person for Right-to-be-forgotten BigID provides GDPR data subject automation from request management through fulfillment We provide screens for data and security analysts for finding and managing response workflow We provide screens for support to manage customer requests and support We provide SDK self-service options for companies to embed inside their web and mobile apps
Use Case: Automate GDPR Data Record Keeping Simplify How Companies Build & Maintain Article 30 Data Processing Records BigID provides the first data-driven automation for building and maintaining records of data processing as required by GDPR, ISO HIPAA etc Where traditional records are exclusively survey based, BigID lets companies build initial records from scanned data for accuracy and value BigID provides a studio to let companies supplement found data with additional collection and processing elements BigID provides a supplementary survey tool to easily capture business context like data processing purpose of use from business owners
Manage & Action Data Residency & Privacy Risk Use Case: Manage & Action Data Residency & Privacy Risk Get 360 View of Data-at-risk via Identifiability, Residency, Type, Usage, Consent, Purpose-of-use BigID helps companies assess their data risk Let’s them measure how different factors like data type, residency, store and access contribute to risk and then take action accordingly - configured by the customer, we are not prescriptive about the risk model
Breach Response Investigation Use Case: Breach Response Investigation Quickly determine exactly whose data was compromised in case of a breach to minimize the impact Being able to effectively find, inventory and map personal data also aids with breach response. 48 states have breach response regulations along with Europe. If a company wants to avoid notifying every consumer (at a cost of about $250 per customer) each time there is a suspected breach a company need to be able to quickly determine who was affected so that a company can take the appropriate action for each state or country. With BigID they can achieve that and also simplify investigation by helping to determine where a dark web data dump came from and what applications were accessing it
BigID Innovations for Privacy Protection Correlate to Person Petabyte-scale Any Data / Any Language API-first On-prem or Cloud Find PI Not Just PII Document Data Processing No Data Copying As the first privacy-centric data protection solution BigID introduces a number of firsts Find PI and not just PII Automatically index by person for satisfying data subject rights Provides other GDPR compliance like consent and article 30 Decentralized architecture allows global scale without copying or duplication Simplifies risk management Can scan any data from structured, to unstructured, to mainframe, to cloud, to SAP, to snowflake Can run in data center or cloud Easy to integrate and orchestrate via its API first architecture
Find, Inventory & Map Personal Data At Scale Identity Correlation & Intelligence. No Data Centralization. Span Data Center & Cloud Mine Machine Manage Agentless Analysis Reporting Any data type API Cloud Unique correlation-first technology applies search engine ingenuity for indexing and mapping personal data without software agents. Product is deployed as small footprint docker image in the customer’s data center or cloud (like AWS and Azure) Data sources can be added via CMDB, API script, DAM like IBM Guardium or manually Instead of regular expressions the system is pointed to examples of whatever identity data is being discovered (employees, consumers, clients, IoT, IP, …). We call these identity sources. System uses seed data as a learning set to then scan other data sources initially looking for learned data and then other nearby data with high correlation back to the identities. The system then iterates on this building a map of an individual’s data across all kinds of data sources ranging from database, to file share, to hadoop, to mainframe, to SAP, to cloud and even log data etc BigID then give operators various ways to interact with data via UI, API, Reports, Logs, 3rd party integrations
Insight For Privacy, Security, Data Personal Data Rights Smarter Enforcement Data Intelligence Automate right to access, port and erase data. Make DLP, DRM, DAM & SIEM more accurate. Find hard to find identity-centric sensitive data. Records Of Processing De-identification Inventory & Map PI Build & maintain records of data processing. Make personal data safer to store, share & analyze. Know what data resides where, and what data belongs to whom. Consent Management 72H Breach Notification Data Abstraction Correlate consent logs to data and people. Targeted, residency specific breach response. Rationalize access to sensitive data using BigID data map. Knowing what data you have isn’t just useful for privacy. Also has impact to security and data more broadly.
Know Your Data So where does BigID go in future for PROTECTION for PRIVACY for GOVERNANCE So where does BigID go in future Provide deeper insight into any class of identity data so that organizations can better safeguard, manage the privacy and govern data
Thank you REDEFINING PERSONAL DATA PROTECTION & PRIVACY bigid.com | info@bigid.com | (917) 765-5727 | @bigidsecure schedule a demo at bigid.com/demo