KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Thank you. Hi everybody. And I apologize for not being there in person with all of the changes in COVID and travel. I had to stay home, but I'm happy that with, with technology we can meet. My name is Nira VAX. I I'm one of the co-founders of big ID. I I'm responsible for technology in the product. So effectively the CTO of the, of the company out of the Tel Aviv office, a little bit about big ID. We are a 350 people company. We've raised hundred 50 million headquartered in New York.
We have our largest engineering organization in, in Tel Aviv, and we focus on helping organizations get visibility into the database store across the board and all of their different data sources, structured unstructured, big data in order for them to be able to take action on that. And obviously the main focus is around data security, privacy, and data governance. And I'll talk a little bit about that as a part of this kind of presentation. So I'm here really to talk about kind of the, the, the modern or the new data protection challenges, data security, challenges.
Many of you are probably well aware of. I'll just give a really quick recap, but I think the, the most important aspect of my presentation, at least obviously being from big ID is to show how a new approach is required and how a new, how you can harness AI to solve a most of those problems and challenges.
And at big ID, we, we, we use multiple layers of machine learning and AI in order to solve some of the hardest problems in data discovery, whether those challenges are scale, whether those are accuracy of the discovery and whether those are the operationalization and the ticking action on the data. So as, as you all are very well aware, there are organizations have been collecting endless amounts of information across multiple different sources.
Those information, that information comes from mobile applications from websites, from third party, data sources or data providers, and they get aggregated and collected in the organization, gets transformed and moved around, used by business, several different business units. And nobody really knows what data is being stored.
You know, there is a knowledge about the known data, but this data gets replicated. It includes customer IDs.
It could, it includes IP information, business data, and a lot of it is really, really remains unknown or unseen, definitely for, for the broad population. So there isn't a single person in the organization that really knows what data the organization stores a as, as a whole. And we are seeing that in very small organizations, even with an organization, relatively small as big ID, we are starting to see those challenges of information from marketing from, from, from our support organization, from our development organization, from the data science organization.
So very quickly you need, you are running into these, these challenges and, and, and that aggregation of data comes with a toll and with a risk. And we are seeing that these, these breaches that do not stop. And when we started big ID five, six years ago, we started because we've started noticing those large breaches. And the fact that sensitive information has, is, is leaving is, is being breached or, and stolen from organizations and the amount of, of, of impact this has on the organization.
And that trend has only gotten worse since then, and as CISOs, that is probably the main reason of not sleeping well at night to augment that and to protect that there is no shortage of regulations that come in action and to help right security organizations to govern and the data to make sure that the data is protected, whether those are traditional data related regulations like PCI or, or HIPAA, or the, the more new regulations around privacy, like GDPR or CCPA in the us. And that increases the, the, the pressure on the security organizations to provide more visibility into the data.
So how does big ID help? Right.
So big idea really is sole purpose is to help organizations better manage and protect their data by providing full visibility into the data, wherever that data resides and giving you the ability to take action on your data, the way we do it is we provide very broad coverage over any type of data source that, that you may have structured data sources like databases, unstructured, data sources, like file shares, or, or Google drive office 365 semi-structured data like the more modern storage and, and analytics tools like MongoDB or Cassandra or DynamoDB data in motion, whether it's in API gateways or in Kafka queues data in use through APIs, business applications like data in SAP or in Salesforce, Workday.
So data is everywhere. And our charter is to connect to the data, wherever that data resides. Once we connect to those data sources, and we do that, agentlessly, we don't copy the data. We just scan the data and do not persist it and only store the metadata around it. And what we do as a part of the analytics is help, you know, your data. What does that mean? First and foremost, catalog all the information that you have across those data, data assets, it's about classifying the data.
So, you know, what type of data you have where correlating it to a business entity cluster analyzing it. So, you know, where you have similar and duplicate data. So even if you don't know what to look for you for, for that dark data, you know, where you have similar data, so you can apply similar controls to that data, and then eventually taking action on that. So we have an application framework that allows you to run end-to-end applications that solves specific end-to-end use cases.
For example, in, in security, managing who has access to the data, we collect the ACLS on the data, and you could see find open access to sensitive information or over privileged groups that have too broad of access that you want to, to, to access, to, to control breach investigation, sensitivity classification, and the ability to, to, to apply a sensitivity score to each data element that you have. But we also provide the integrations into third party tools so that you can en enrich your DLP label files.
And your DLP now has more visibility into the data because they can use Microsoft information protection labels, or integrating into your database activity monitoring tool to enhance their security control. So we help you also enhance your existing security security portfolio. And obviously there are applications not only for security applications for privacy, like subject access requests, finding an information about an individual applications in data management, for example, metadata class, metadata cataloging, or stewardship, or data quality, or their retention and record management.
So there are a lot of applications you can run on top of this platform, either applications that big ID provides, or applications that you get from third parties or integrate into your existing tool. So that's kind of an overview of, of, of the application. Let me drive a little bit deeper into how we do those, those things and, and how it all works.
So really the, the fundamental goal is to discover the data, just find the data and that that is relies on the ability to connect to a very broad set of, of, of data sources with that discovery comes the ability to classify the data and apply various different classification to the data. So we have a broad set of regular expression, libraries of hundreds of regular expressions and classifiers, but we also have machine learning based classifications like, like NLP and N EER named entity recognition. We have deep learning classifiers that help you find data in, in classify entire documents.
Where do I have financial records? Where do I have medical records? Where do I have CVS? Where do I have legal forms? And that's using a deep learning technique that, that, that learns from, from samples of documents, you can build your own classifiers as well. On top of that data classification, you can now classify the sensitivity of those files using more advanced rules. If you have a combination of, of sensitive information or financial data, it makes it highly sensitive or confidential. If the data doesn't contain any sensitive information, it may be unclassified.
You wanna be able to classify that information. Our machine learning can also help you predict this, the, the classification and the sensitivity classification across your data estate, just by sampling a small sample of your data. That's another use of machine learning that is expediting the discovery, allowing you to sample rather than run everything, run through all of the data. You can then define security risk and big calculates, a risk score for each of the data elements that you have. So you're able to, to assign to security controls based on the risk and prioritize the risk.
The risk is aggregated configurable based on your preferences and aggregated at the data source level. So you can apply controls accordingly. Since we collect the metadata of the files, we also know where you have open access or over, over exposed data that has high value or high sensitivity. And that allows you to remediate that and to reduce open access and understand the hotspots of your, of your sensitive information.
Once all of this data intelligence is in a big ID, you can now enforce policies and you can say, okay, for GDPR, I'm not allowing this type of data in these type of systems for PCI. I want to understand the scope so that I can apply security controls only to the systems in scope for PCI that have access or touch PCI data. This is done by defining those policies. Those policies go across your entire data state and identify where this type of data exists, or these terms exist and can trigger actions. They can trigger actions like labeling of the files.
They can trigger actions to go to remediation C cetera. So this is kind of the arms and the legs of your data discovery capability. This is the orchestration tool that allows you to now trigger maybe even a sore tool for re remediation. Big idea also has a, a delegated remediation management application that allows you to take all of those findings from the policies and push them down to the business owners, to the owners of the data. A lot of the CSOs that we speak to really have a preferred, not to be in the, in between the, the data security policies and, and the business.
They want to enable the business to gain visibility into their findings so they can take the actions either manually. They can just re it's very easy for a business user that owns a file to remove access from the file to everyone or to remove access externally.
So that enables a lot of quick remediation, even without putting a lot of automation in place, but also this can trigger automated actions that can take it, take a further step and take the last mile of, of remediation as well, but form, but allows the business to control that you don't want to go out and, and, and disable open access from a, a thousand files without having the business take this action on their own. All of this is audited with reports.
You can send to your management showing progress over time, auditing the activities full control and our back over who can actually see the data, etc. And as I mentioned, the open platform allows you to integrate into third party tools. And big ID comes with dozens of integrations built in into security, data management, data governance, GRC tools that need that data intelligence in order to better operate. So we can enrich your GRC tool with actual data instead of relying on, on people, attesting to what type of data is there.
We can operationalize the data through integration with DLP or with encryption and masking tools. And, and, and we could also integrate with your security vault in order to secure the, the entire process. We don't have a lot of time, but I'll, I'll give you a quick demo of the applications, just so you can get a feeling of how it looks like. So you can see that the big idea gives you a quick dashboard of, of the data that was discovered, how many data sources are we scanning?
How many entities, the correlation actually tracking who owns this data, who are the data subjects, the policies that were triggered and the attributes that were actually found. It also has the ability for you to define custom dashboard. So you can define a dashboard just for security. And that dashboard will show you for example, sensitive files with open access or classification of sensitively sensitive information, and find all of the, all of the high, medium, and low sensitivity data across the board.
If you go to your high sensitivity, it will basically drill down and give you a, a more detailed view of where those findings are located, such as the, the, the top attributes that were found and, and where those attributes were found, any access for. So you get, you get a quick dashboard of all this information.
The classification shows you the different types of classification that big ID offers, whether it's regular expression or whether it's a more, a more advanced, deep learning type of, of discovery document class, classifiers that can find invoices or boarding passes or financial statement and where those are located. And then you have the application management on top of it, where you could actually drill into security application, for example, to understand access to the data.
So you could see data sources with sensitive data that have open access, right, or, or objects or files with sensitive data that have open access. And if you drill down into it, you could actually go and see the actual files that need remediation. You could also in inspect those files. You can find users with, with direct user access or groups, and have those users basically audited through to be audited by the, by an auditor.
And, and that triggers a task that opens a, a task and to review by, by the proper people. And then remediation app application allows you to manage access to, to, to all of this information control access, and to help you remediate through your business users. We also have the action center that allows you to essentially take action over, over when, when, when a, a, an to make an API call, sorry, when there is a, a triggering of a, of a policy, and that can allow you to automate a lot of those controls altogether. So this is kind of a quick overview of, of big, I.
