BigID automated the process of Data Subject Requests (DSR) and data discovery of databases containing personally identifiable information (PII).

I worked on a project using BigID for automating DSR and data discovery for PII. The project was divided into several phases. The first phase involved business contact and socialization, where we reached out to different stakeholders and learned about their databases and which tables contained the most PII. The next phase was the technical gathering phase where we understood the IP address, tables, port numbers, and whether the IP was dynamic or static. The subsequent phase was the build and connectivity phase where we created data sources from those databases.

The most valuable part of BigID was the scan and result phase, which provided nearly accurate results of the databases containing PII numbers and the metadata of the PII present in the database. It also described what the tables contained. We had the asset owners verify the results, and the next phase was the test phase where we collected primary data sample test cases such as email IDs or employee IDs to conduct test DSRs on the process. When scanning results were correct and accurate, we closed them out.

BigID should focus more on the unstructured data part because many organizations have significant amounts of unexplored unstructured data containing large quantities of PII that they are not even aware of. If BigID could scan unstructured data in a seamless way as they do with structured data, it would be very useful for companies to discover the PII data hiding within unstructured data.

The best features BigID offers are data discovery and DSR, along with the policies they provide, including custom policies that we can create to ensure scans and results are accurate.

The custom policies were based on regulations such as GDPR, CCPA, CPRA, and India's LVDPA. Some policies we created were custom due to business requirements and information that was considered PII based on the company's specific context. In those cases, we created special custom policies so that during scans they capture information as PII. BigID also gave us the advantage to create custom policies for the scan process.

The challenges with BigID were not primarily from BigID itself but rather from the database side, where scans sometimes failed due to issues originating from the database rather than BigID. BigID's user interface was problematic as it was not very user-friendly, though I believe it improved over time. Apart from that, BigID deserves recognition for the data discovery part, which has been wonderful and quite accurate, along with the confidence level process that allows us to fine-tune results for better accuracy from the database.

The user interfaces can be improved, and not only for DSR or BigID scans but also for other aspects of data privacy. BigID can also improve its focus on unstructured data and make certain enhancements in that area.

I have been using BigID for around two and a half years.

The initial setup and configuration of BigID for my client was seamless because folks from BigID helped us set up the configurations.

I would prefer to work on more features that BigID offers, which I have not yet explored.

Although I was serving the client rather than my own organization, BigID has made scans faster and more efficient, and the DSR results are much more accurate. We can obtain results in a very short amount of time. The manual DSR process would take days and maybe weeks, but with DSR automation, results come in minutes or hours. This made a significant improvement and saved considerable time for my client. I have mentioned everything I am aware of regarding areas where improvements are needed. There may be other cases, but I am not aware of them.

Since the data sources were mostly on-premise and structured, the integration of BigID with other tools or platforms my client uses is smooth.

I would rate this product a nine out of ten.

My main use case for BigID includes data discovery and classification, DSAR automation, and data remediation.

I use BigID for data discovery and classification in my work by identifying where personal information lies within organizations, which often don't know where their personal information is stored. Organizations may be using or storing client data or any data of their users. When we do data discovery and classification, we get an actual picture of where there's personal data, and sometimes we find places where personal data shouldn't be, raising compliance issues. Regulatory compliance can be costly for organizations, and doing data discovery and classification helps us identify where most of this personal data is located.

In addition to data discovery and classification, I can also use BigID for data DSAR automation. Whenever somebody requests their data to be deleted, it's a quicker process than manually retrieving all the information about where their personal data lies, allowing DSAR automation requests to be fulfilled within 72 hours or so.

The best feature that BigID offers is data discovery and classification, which is the most powerful engine. It allows connecting to many different data sources, ranging from cloud to on-premises to structured to unstructured data. If there is no connector available, you can build your own classifiers as well.

Regarding the custom classifier option, you can build custom classifiers using regular expressions, and I have done that if you know how to create regular expressions. Custom connectors are something you create to connect to a database where the connector is not available.

BigID has positively impacted my organization as it's a very powerful tool, especially with the increasing regulatory compliances for different countries such as GDPR, CCPA, and India's recent DPDPA act. Having these tools in place greatly helps organizations avoid any penal charges for not being compliant with the regulatory compliances.

For example, regarding compliance or reduced risks for my clients, the DSAR process I was talking about allows organizations to respond quickly to user data deletion requests under GDPR law, which traditionally has a 30-day or 60-day timeline. In larger organizations, when the number of requests is high, it becomes tedious. However, using DSAR automation with BigID, it's almost instantaneous; instead of 30 days, you can respond in just one day to what users have requested.

One area where BigID can be improved is the UI, which has a lot of bugs. I believe that if they improve their UI experience, that would greatly help.

In general, sometimes you see bugs, but there's nothing specific that I can point out right now regarding needed improvements.

I have been using BigID for almost five years.

BigID is indeed stable.

BigID is scalable, allowing you to purchase as many scanners as you want.

The customer support for BigID includes L1, L2, and L3 support, which is quite responsive.

I would rate the customer support a six because you cannot directly reach out to L3 or L2 support if there's a major issue. Their standard procedure requires going through L1 first, which can be time-consuming.

I have used other tools such as OneTrust and Security.ai for other organizations, but I haven't seen organizations switch from one tool to another before using BigID.

I have seen a return on investment from using BigID, particularly as it is a regulatory and compliance tool that helps avoid potential penalties for non-compliance. You can save time when it comes to finding where your data lies or automating your DSAR and RoPA automation, among other things. When measuring the amount of penalty that could have been incurred, it was avoided.

My experience with pricing, setup cost, and licensing is limited since, as a consultant, I do not really engage in these discussions. These details are mostly handled by the vendor and the client side, while we focus on the implementation.

Before choosing BigID, I did evaluate other options, specifically OneTrust and Security.ai, but based on the use case of data discovery and classification, we determined that BigID was the best option for us.

I don't have anything else to add about the features. I don't have any specific advice that I can think of for others looking into using BigID. My overall rating for this review is eight.

Data discovery is the strongest use case for BigID.

Data classification is highly effective due to its automatic capabilities. One of the best features of BigID is its strength in data discovery and governance.

I want them to focus on data mapping, assessment, automation workflow, and privacy incident management. The privacy tools have not been widely used, and they have not invested much in privacy code privacy tools.

I have used the solution for five years.

I find it really stable.

BigID is scalable, so the size of the environment can be adjusted based on my organization's requirements.

BigID has one of the best technical support teams.

A lot of customers have moved to OneTrust since they have not given enough time to BigID.

The initial setup is not complex; it is pretty straightforward. Once connected, it becomes easier to connect to other data sources.

BigID is really good in terms of getting out the ROIs. It is one of the best tools in the market.

The pricing is competitive in the market, however, I need to ask for the right price.

I would rate BigID at eight out of ten. I would advise users to go with a small proof of concept, connect to their on-prem or cloud instances, and then scale over time.

I have used BigID to scan for data discovery, data protection, analyze where the data is found, data classification, and data mapping. I integrated BigID with Microsoft Purview to expand the scope of Purview, especially for scanning Google Cloud Platform (GCP) and Google Drives in a multi-cloud environment.

BigID has allowed for expanded data discovery and classification, particularly in multi-cloud environments. This integration helped automate the business processes when used in combination with Microsoft Purview.

BigID is more advanced than Microsoft Purview when it comes to machine learning and AI development tools. It is capable of scanning documents in Google Drive, Microsoft Azure, and other platforms. It has better visibility of data mapping, including data lineage and the lifecycle of the data, due to its ability to scan more data sources than Purview.

BigID needs improvement in terms of automation. Its automation capabilities are limited compared to Purview. While BigID can generate outcomes, it is not adept at automating business processes, which is why we often need to export APIs into Purview and use Microsoft's Power Automate tools.

I have used BigID in the last 18 months.

BigID has had a positive impact on my approach to data security and risk management. Overall, it is very stable, and I would rate it an eight out of ten.

I have used BigID in a very large global setting with approximately 18,000 employees. While I haven't tested it in smaller environments, I would rate its scalability as a six out of ten.

The technical support from BigID is very good; I would rate it a ten out of ten.

The setup of BigID is very easy. It is a cloud-based solution and is very intuitive. You can integrate and install it easily, and it is not resource-consuming.

I'd rate the solution eight out of ten.

BigId is a Data Security Posture Management and Data Loss Prevention solution that scans data systems across the enterprise for passwords, secrets, and PII information.

It offers significant benefits in data discovery, privacy, and security.

We primarily use it to scan structured and unstructured data across our cloud systems, which consist of 100K+ storage buckets. It is a comprehensive data intelligence platform that helps organizations discover, classify, and manage their data effectively while ensuring data privacy, compliance, and governance.

It helped our organization to find and protect where sensitive data and data discovery, privacy, security, and governance, making it a valuable tool for businesses dealing with large volumes of sensitive information across different data systems.

Before using BigID, maintaining an accurate inventory of data stored in our AWS S3 buckets was challenging due to the data's sheer volume and distributed nature.

BigID’s advanced scanning capabilities have provided a comprehensive view of all our data assets across S3 buckets, identifying structured and unstructured data. This has given us a clear understanding of our data landscape, enabling better management and utilization of data.

BigID is excellent at discovering and classifying both structured and unstructured data across an organization. This is crucial for identifying sensitive data and ensuring compliance with various regulations.

It provides a unified view across different databases and supports a wide range of data source types, including cloud and on-premises systems. It offers compliance with various regulations and has a unified view across different databases.

It will support a large amount of data source types which include cloud and on-prem systems.

The solution needs to improve:

Scan Reliability. Enhancing the functionality and speed of the remote scanner setup is imperative.

User Interface Navigation: The dashboards and findings landscape require significant improvement.

API Flexibility: It is crucial to make enhancements in data export operations.

Navigation and Usability: Some users find catalog navigation challenging due to the lack of a search-by-column feature, making locating specific data difficult.

Export Functionality: The export feature tends to be buggy, particularly when dealing with large data sets, leading to delays and necessitating manual intervention

FalsePositives: The process has to find a new way to validate the regex match pattern by validating with some external source

I've used the solution for over a year.

We use the solution for database scanning and data protection.

The tool's most valuable feature is correlation. Using BigID's data classification capabilities has strengthened our data security. It lets me classify and connect data, which helps me manage data at various classification levels.

The challenge we encountered was with data connection across multiple databases. We struggled with configuring the data connection successfully. However, with the assistance of dynamic teams, we resolved this issue.

The tool needs to improve its support as well.

I rate the product's stability as five out of ten. Since the product is new in the market, it's still in the process of maturing.

I rate the tool's scalability a six out of ten.

We connect with the support team, especially when customers require in-depth support. We often communicate with the help desk team.

The tool's deployment is neither easy nor complicated. I often use checklists and standard operating procedures to guide my customer work.

The solution is worth its money.

The solution is expensive.

I rate the overall solution a seven out of ten.

I like BigID's in-depth discovery and scanning capabilities, especially for unstructured data. This feature is a standout compared to competitors.
The tool's data classification capabilities are impressive. It offers custom classifiers and a blend of regular exploration and artificial intelligence, making it a next-generation solution. This enhances data security, and its security posture management is straightforward and user-friendly.

Organizations lack a holistic view of their data. They have structured, unstructured, semi-structured, and cloud data spread across various sources. Over the past five to ten years, companies have amassed a significant amount of data, with around twenty to thirty percent being unnecessary. This leads to storage wastage, compliance issues, audit findings, and vulnerability gaps. BigID is the tool that helps identify and provide a holistic view of the data, enabling organizations to take proper control.

Improvement could be made in data consent management and data privacy impact assessment.

I have been using the product for three to four months.

I rate the tool's stability a nine out of ten.

I rate the tool's scalability a nine out of ten. In my organization, we're not using BigID ourselves; we're partnering with them for distribution and other related aspects. In a particular organization, the user count for BigID might range from 100 to 500.

I haven't needed to evaluate or contact technical support for BigID yet. Since it's new to the Indian market, we haven't acquired any customers who require technical support.

The initial setup is easy, especially since it's a SaaS platform. BigID handles all the infrastructure-related tasks, making it hassle-free. We deploy a virtual appliance or container in our data center. Additionally, the convenience of choosing between SaaS or on-premises platforms is beneficial, as BigID offers both solutions.

As the trend leans towards cloud migration, BigID plays a significant role in facilitating data migration. Whether it's on-premises or in the cloud, BigID provides essential support. It has connectors and APIs for various cloud platforms, aiding organizations in managing data already on the cloud or those in the migration process.

The tool offers good ROI. A comprehensive view of data is crucial, especially for countries with strict data privacy regulations. Non-compliance could lead to heavy fines or penalties. BigID can help avoid such consequences

The solution is not licensed per user but rather based on capacity. For instance, organizations with large amounts of data, such as 50 GB or more, are the ones that typically qualify for BigID.

The tool's pricing is premium so that it could be categorized as expensive. However, its price tag justifies the proficiency of its scanning engine and tools. It's considered a premium tool with a higher price point.

I would recommend BigID to organizations, especially those heavily focused on data policy and customer-facing businesses, particularly in the B2C sector. It's crucial for such organizations as they handle and safeguard customer data. Consent is paramount, and a tool like BigID is essential for managing data subject access requests, discovering data, and ensuring compliance. The classifiers provided by BigID are particularly effective in this regard.

I rate the overall solution an eight out of ten.