My main use case for BigID includes data discovery and classification, DSAR automation, and data remediation.

I use BigID for data discovery and classification in my work by identifying where personal information lies within organizations, which often don't know where their personal information is stored. Organizations may be using or storing client data or any data of their users. When we do data discovery and classification, we get an actual picture of where there's personal data, and sometimes we find places where personal data shouldn't be, raising compliance issues. Regulatory compliance can be costly for organizations, and doing data discovery and classification helps us identify where most of this personal data is located.

In addition to data discovery and classification, I can also use BigID for data DSAR automation. Whenever somebody requests their data to be deleted, it's a quicker process than manually retrieving all the information about where their personal data lies, allowing DSAR automation requests to be fulfilled within 72 hours or so.

The best feature that BigID offers is data discovery and classification, which is the most powerful engine. It allows connecting to many different data sources, ranging from cloud to on-premises to structured to unstructured data. If there is no connector available, you can build your own classifiers as well.

Regarding the custom classifier option, you can build custom classifiers using regular expressions, and I have done that if you know how to create regular expressions. Custom connectors are something you create to connect to a database where the connector is not available.

BigID has positively impacted my organization as it's a very powerful tool, especially with the increasing regulatory compliances for different countries such as GDPR, CCPA, and India's recent DPDPA act. Having these tools in place greatly helps organizations avoid any penal charges for not being compliant with the regulatory compliances.

For example, regarding compliance or reduced risks for my clients, the DSAR process I was talking about allows organizations to respond quickly to user data deletion requests under GDPR law, which traditionally has a 30-day or 60-day timeline. In larger organizations, when the number of requests is high, it becomes tedious. However, using DSAR automation with BigID, it's almost instantaneous; instead of 30 days, you can respond in just one day to what users have requested.

One area where BigID can be improved is the UI, which has a lot of bugs. I believe that if they improve their UI experience, that would greatly help.

In general, sometimes you see bugs, but there's nothing specific that I can point out right now regarding needed improvements.

I have been using BigID for almost five years.

BigID is indeed stable.

BigID is scalable, allowing you to purchase as many scanners as you want.

The customer support for BigID includes L1, L2, and L3 support, which is quite responsive.

I would rate the customer support a six because you cannot directly reach out to L3 or L2 support if there's a major issue. Their standard procedure requires going through L1 first, which can be time-consuming.

I have used other tools such as OneTrust and Security.ai for other organizations, but I haven't seen organizations switch from one tool to another before using BigID.

I have seen a return on investment from using BigID, particularly as it is a regulatory and compliance tool that helps avoid potential penalties for non-compliance. You can save time when it comes to finding where your data lies or automating your DSAR and RoPA automation, among other things. When measuring the amount of penalty that could have been incurred, it was avoided.

My experience with pricing, setup cost, and licensing is limited since, as a consultant, I do not really engage in these discussions. These details are mostly handled by the vendor and the client side, while we focus on the implementation.

Before choosing BigID, I did evaluate other options, specifically OneTrust and Security.ai, but based on the use case of data discovery and classification, we determined that BigID was the best option for us.

I don't have anything else to add about the features. I don't have any specific advice that I can think of for others looking into using BigID. My overall rating for this review is eight.

I have used BigID to scan for data discovery, data protection, analyze where the data is found, data classification, and data mapping. I integrated BigID with Microsoft Purview to expand the scope of Purview, especially for scanning Google Cloud Platform (GCP) and Google Drives in a multi-cloud environment.

BigID has allowed for expanded data discovery and classification, particularly in multi-cloud environments. This integration helped automate the business processes when used in combination with Microsoft Purview.

BigID is more advanced than Microsoft Purview when it comes to machine learning and AI development tools. It is capable of scanning documents in Google Drive, Microsoft Azure, and other platforms. It has better visibility of data mapping, including data lineage and the lifecycle of the data, due to its ability to scan more data sources than Purview.

BigID needs improvement in terms of automation. Its automation capabilities are limited compared to Purview. While BigID can generate outcomes, it is not adept at automating business processes, which is why we often need to export APIs into Purview and use Microsoft's Power Automate tools.

I have used BigID in the last 18 months.

BigID has had a positive impact on my approach to data security and risk management. Overall, it is very stable, and I would rate it an eight out of ten.

I have used BigID in a very large global setting with approximately 18,000 employees. While I haven't tested it in smaller environments, I would rate its scalability as a six out of ten.

The technical support from BigID is very good; I would rate it a ten out of ten.

The setup of BigID is very easy. It is a cloud-based solution and is very intuitive. You can integrate and install it easily, and it is not resource-consuming.

I'd rate the solution eight out of ten.

BigId is a Data Security Posture Management and Data Loss Prevention solution that scans data systems across the enterprise for passwords, secrets, and PII information.

It offers significant benefits in data discovery, privacy, and security.

We primarily use it to scan structured and unstructured data across our cloud systems, which consist of 100K+ storage buckets. It is a comprehensive data intelligence platform that helps organizations discover, classify, and manage their data effectively while ensuring data privacy, compliance, and governance.

It helped our organization to find and protect where sensitive data and data discovery, privacy, security, and governance, making it a valuable tool for businesses dealing with large volumes of sensitive information across different data systems.

Before using BigID, maintaining an accurate inventory of data stored in our AWS S3 buckets was challenging due to the data's sheer volume and distributed nature.

BigID’s advanced scanning capabilities have provided a comprehensive view of all our data assets across S3 buckets, identifying structured and unstructured data. This has given us a clear understanding of our data landscape, enabling better management and utilization of data.

BigID is excellent at discovering and classifying both structured and unstructured data across an organization. This is crucial for identifying sensitive data and ensuring compliance with various regulations.

It provides a unified view across different databases and supports a wide range of data source types, including cloud and on-premises systems. It offers compliance with various regulations and has a unified view across different databases.

It will support a large amount of data source types which include cloud and on-prem systems.

The solution needs to improve:

Scan Reliability. Enhancing the functionality and speed of the remote scanner setup is imperative.

User Interface Navigation: The dashboards and findings landscape require significant improvement.

API Flexibility: It is crucial to make enhancements in data export operations.

Navigation and Usability: Some users find catalog navigation challenging due to the lack of a search-by-column feature, making locating specific data difficult.

Export Functionality: The export feature tends to be buggy, particularly when dealing with large data sets, leading to delays and necessitating manual intervention

FalsePositives: The process has to find a new way to validate the regex match pattern by validating with some external source

I've used the solution for over a year.

I like BigID's in-depth discovery and scanning capabilities, especially for unstructured data. This feature is a standout compared to competitors.
The tool's data classification capabilities are impressive. It offers custom classifiers and a blend of regular exploration and artificial intelligence, making it a next-generation solution. This enhances data security, and its security posture management is straightforward and user-friendly.

Organizations lack a holistic view of their data. They have structured, unstructured, semi-structured, and cloud data spread across various sources. Over the past five to ten years, companies have amassed a significant amount of data, with around twenty to thirty percent being unnecessary. This leads to storage wastage, compliance issues, audit findings, and vulnerability gaps. BigID is the tool that helps identify and provide a holistic view of the data, enabling organizations to take proper control.

Improvement could be made in data consent management and data privacy impact assessment.

I have been using the product for three to four months.

I rate the tool's stability a nine out of ten.

I rate the tool's scalability a nine out of ten. In my organization, we're not using BigID ourselves; we're partnering with them for distribution and other related aspects. In a particular organization, the user count for BigID might range from 100 to 500.

I haven't needed to evaluate or contact technical support for BigID yet. Since it's new to the Indian market, we haven't acquired any customers who require technical support.

The initial setup is easy, especially since it's a SaaS platform. BigID handles all the infrastructure-related tasks, making it hassle-free. We deploy a virtual appliance or container in our data center. Additionally, the convenience of choosing between SaaS or on-premises platforms is beneficial, as BigID offers both solutions.

As the trend leans towards cloud migration, BigID plays a significant role in facilitating data migration. Whether it's on-premises or in the cloud, BigID provides essential support. It has connectors and APIs for various cloud platforms, aiding organizations in managing data already on the cloud or those in the migration process.

The tool offers good ROI. A comprehensive view of data is crucial, especially for countries with strict data privacy regulations. Non-compliance could lead to heavy fines or penalties. BigID can help avoid such consequences

The solution is not licensed per user but rather based on capacity. For instance, organizations with large amounts of data, such as 50 GB or more, are the ones that typically qualify for BigID.

The tool's pricing is premium so that it could be categorized as expensive. However, its price tag justifies the proficiency of its scanning engine and tools. It's considered a premium tool with a higher price point.

I would recommend BigID to organizations, especially those heavily focused on data policy and customer-facing businesses, particularly in the B2C sector. It's crucial for such organizations as they handle and safeguard customer data. Consent is paramount, and a tool like BigID is essential for managing data subject access requests, discovering data, and ensuring compliance. The classifiers provided by BigID are particularly effective in this regard.

I rate the overall solution an eight out of ten.

I work in an area focused on data protection. Currently, in my practice, more than five to six projects use BigID.

In the client's data source, there may be sensitive information. Each country has its own data protection laws and encryption standards. We scanned every database using BigID, both structured and unstructured.

After scanning, we could properly categorize the data and identify sensitive information. BigID has built-in functions that show where the data is. We sent this information to the client with suggestions for suitable encryption standards for their specific data, whether it's plain text or encrypted.

My organization had a joint venture with BigID, which is the main reason we chose it. Another reason is the support from the BigID team. BigID has frequent updates compared to other products and provides a dedicated support team for developers.

We can integrate any new product via API connection into ticketing, even if the product is not well-known or brand new. We can also easily update to the latest version or choose an older version if needed.

These updates can be done independently, without relying on a standard technician or developer. BigID is flexible, so we can upgrade our services as needed, allowing consultants to manage the tasks.

Data discovery capabilities:

BigID offers different scan types for data discovery. The most powerful one is the full scan, which scans both data and metadata. However, the metadata scan is faster in comparison.

For instance, if a scan is estimated to take three or four days, and it lags behind on the second day, we can skip that module and resume with other modules without disrupting the ongoing scan.

Even if the scan is 90% complete, we can export the data and begin our process. The e-discovery feature has been very useful for us.

The main use cases involve APM integrations, allowing us to accommodate queries with the necessary tools seamlessly.

Another advantage is the ability to process millions of data points quickly using various scan types like full scan and metadata scan, which are adaptable to our specific needs. These scan types are highly beneficial and offer more flexibility compared to similar products with standard scan options.

Additionally, BigID's Redex operations enable us to create new rules and run scans across different data sources, tailored to our specific use cases. In our case, we primarily utilize it to scan client data sources.

Features that helped to enhance the data governance aspect:

• I like the predefined sensitive information labels in BigID. They are not generic; for example, for PHI information, they specify exactly what PHI terms to scan for.
• Additionally, BigID offers data protection loss-wise options, and we can add our own labels using InfoMetrics as needed.
• The BigID support team is also crucial. They have weekly sync-up calls to help us resolve any issues we encounter with the product promptly. This level of support is very important.

These security labels, in particular, are a significant reason why many organizations, including ours, prefer BigID. The security labels are indeed very useful.

The interface has been updated and looks good. Earlier, it was bit outdated.

One concern I have with BigID is regarding certain scans, like the multi-scan. The issue is that we can stop and retrieve these scans, but once they start, they go through an enumeration process. This process doesn't show an exact timeline, so we can't estimate its duration. In previous versions, I believe there was an estimated time for this process, but the new update seems to have removed it.

The other concern is the price. The comprehensive support and features come at a premium cost. Additionally, deployment and access for all users could be improved. Currently, it seems to be centralized, and perhaps it could be deployed for individual devices as well.

I worked on a six-month project with BigID. It's a dedicated tool for scanning structured and unstructured data.

I've switched projects recently, but I used BigID until a month and a half ago. However, I still have some BigID certifications and frequently use it for API integration and other tasks.

I had no issues with the stability. The reason being BigID provides comprehensive onboarding, including learning resources, URLs, and virtual training, allowing us to gain hands-on experience in a replica environment before using the production version.

There is also a BigID certification program to ensure proficiency. We utilize this training environment for testing and experimentation before applying it in production. This approach is efficient and helps familiarize users with the product. BigID is user-friendly and easy to use, not complicated.

While we use the product, once the data nodes are all completed, we need to export the data and use Power BI, Tableau, or Looker Studio to visualize it. The data is not readily available in a presentable format, which is time-consuming and a limitation.

It won't be in Excel or a similar format; it will be available for presentation to clients. We need to explore the data and do a few things. That's because it's time-consuming and a limitation of BigID.

But in a recent update, BigID integrated with Looker Studio. At the time of data conversion and application, it wasn't responding well. I think we can now handle it inside BigID itself. Anyway, that was an issue, but right now, it's fine.

We have console support from the team. If we are unable to implement something within the product, we can ask them, and they will add the feature. So, I don't feel any limitations in what we are currently doing, such as e-discovery processes for structured and unstructured data.

BigID supports all data types, complies with various laws and standards that enables sensitive information, and allows customization, including creating our own labels. I don't feel any kind of limitations.

BigID's customer service support have two levels of support. Initially, the developer assigned to our cloud instance provides technical assistance. If they cannot resolve the issue at the UI level, they involve a second-layer developer.

However, with a higher subscription, we only receive developer support for a limited time, like two or three months. After that, additional support requires an extra charge. Despite this, the support has been good so far, and they always find a solution for our issues.

Most organizations use Microsoft Purview, and many of our clients have licenses for it. Being a Microsoft product, it has advantages.

With BigID, we need to pull data from sources and integrate it before scanning. If it's a Microsoft product and the data amount is small, we can replace it. Microsoft Purview can automatically identify data without the need for extensive scans.

Since it is a cloud-based product, they have a separate server assigned for deployment. They provide virtual machines based on our recommendations, and their technical team handles everything.

We don't need to do anything technical; we just use the URL they provide, along with our credentials in Autologics, to access and use the scans. It's a very simple process.

Timeframe to set up this product:

The deployment itself took about three to four hours minimum. The total time depends on the number of data tools linked and the amount of data. I wasn't part of the initial deployment, but in my experience, it can take around three to six hours.

Maintenance:

The maintenance provided by the BigID team. They offer two different packages. We opted for the higher-priced option, which includes software services, automatic upgrades, and fixes.

With the lower-priced option, manual updates with scripts are required. However, I recently heard that they now provide everything through their executive team, which is a good upgrade.

We use BigID for our reviews, and our organization has a joint venture with them. We use other tools as well, such as Microsoft Purview, alongside BigID. However, BigID performs better due to its superior API integration capabilities.

It is used in an MNC. But, based on my research, it is competitively priced compared to market standards. It is worth the money.

Compared to other products, more people are familiar with BigID. BigID was not as familiar to some people working with technologies because it was used by a closed group. The BigID support team is doing their best, and that's my personal experience. However, BigID wasn't that familiar to some people because it deals with specific areas like skill, regulation, automation, and governance. They need to do more to educate people about data.

One issue we experienced was with the scripts being in YAML format, which some people didn't understand. It would also be helpful if they could address issues related to entity and space sensitivity in the cloud. We've encountered errors when exceeding storage limits, and we haven't found a solution yet.

Overall, I would recommend BigID. If they are dealing with a large amount of data, if they need to scan all data sources, regardless of format, then BigID would be a suitable product for them.

Overall, I would rate the product an eight out of ten.

I use the solution to discover sensitive data. I use it when the company I am part of is unable to provide locations of specific data. The goal of the tool is to find data and help companies make a better decision in regards to privacy laws.

The PII feature of BigID has helped our organization. One of the challenges BigID can help companies with is gaining control of where the data leads and to control the data lifecycle.

One of the most valuable features is the first step to finding PII, whether sensitive data, financial data, or personal information. Another important feature of the tool is the desired data subjected to request. Once you know where the data is present, you can receive a request from the data subject. A person can also receive internal automation using the tool and perform a desired request with the total PII.

The tool should have more classifiers or classifications about different states. For example, there should be specific classifiers for Brazil and other specifics for China. The existing features should be improved, and more features should be added to the tool.

I have been using the solution for five years.

I would rate the stability a seven out of ten. While using BigID, sometimes the user doesn't have visibility into the scan or when it will be completed.

I would rate the scalability an eight out of ten.

The tech support is good but sometimes the support team delays to provide a solution. I would rate the tech support an eight out of ten.

The initial setup complexity of BigID depends upon the project goal. If the goal is to scan multiple databases or large databases, the initial setup can be difficult because it's necessary to set up more than one scan separately.

The tool can be set up for an on-premise scan or a cloud scan, and it's vital for the scan to take place near the data source to speed up the process. The deployment type of the solution depends on the kind of database an organization already holds and the strategy or company goal.

The solution provides a good return on investment because it helps companies to be compliant with privacy laws and manage data as well. The product helps identify types of internal data like in HR processing systems and financial systems.

The product is expensive, but so are all competitor data discovery tools.

Data classification is an important aspect of the tool because, by using it, a company can make better decisions and implement the right security process. The data classification offered by the tool can help companies improve their security strategy. The solution also helps in the data minimization process. For instance, if the tool duplicates data in different databases, companies can use BigID to reduce the number of duplicate data. BigID thus can also be used to meet compliance with GDPR, CCPA and LGPD.

I would recommend BigID to others. The solution is simple to manage, and most use cases are easier to deploy with It. I would rate the solution an eight out of ten.

I'm an implementing consulting partner for BigID. Initially, the clients used the solution for compliance with GDPR and CCPA. However, more recently, the software has evolved significantly to be useful for data governance and areas such as security posture and related aspects.

One of the most valuable things in a data-focused world is a tool, a technology that's data-centric, not trying to master data management or whatever else.

It's a source of truth for what data an organization holds, giving it the ability to catalog, categorize, and understand its data in a way that other technologies like Alation, Collibra, or Informatica didn't afford. So, that's probably the biggest value in the data center.

BigID is making some forays into the GRC space, and that's a natural progression. I'd like to see that improve so that data governance is better, data risk is identified, and the ability to control and mitigate it. So, that's where I see the opportunity for advancement.

I have been using this solution for five and a half years.

BigID is stable. I've positioned it as the market leader in privacy data technologies for some time. In comparison to other technologies I've used, it's far superior.

The product is scalable. For one of my customers, there are not more than half a dozen. It's not a broad adoption tool. It's more like a utility. So, fewer users but many beneficiaries.

The initial setup is complex. There's a nuance to it, and that's one of the things that's been interesting as the technologies evolve. It's not complex in and of itself. You can install it quickly and attach data quickly.

The complexity arises because most organizations I've worked with are thinking about their data for the first time. So, while installing the software and operationalizing it is easy, the onboarding and understanding of the data, design, legacy systems, and everything from Oracle to side-based to MS Access, that's where it gets tricky. They need to catalog, correlate, combine, rationalize, and really think through it all.

So, the software itself is easy to implement and operate. But the operational side, from the client's perspective, requires a commitment. It's like buying a circular saw and expecting to build a house. The tool will take you some of the way, but if you don't have the underlying knowledge, you're going to struggle.

The deployment model is a client-driven decision. I've been the implementation consulting partner. Ultimately, the client makes the decision on the deployment model. When BigID first came out, it was originally only available on-premises. Later, clients could choose to deploy it on the cloud, whether on AWS, Azure, or another platform.

BigID does maintenance releases periodically, requiring updates. Major releases are probably monthly to quarterly. Maybe four times a year now, or two, they just changed the cycle. Then, there are minor releases occasionally. These need to be done, but underlying maintenance isn't bad. It is like applying periodic updates to any other software package.

It is an expensive product. There are different price points for different BigID functions and features now. So, it depends on your specific needs.

In the time I've been working with BigID (over half a decade now), it's gone from a monolithic software package to something with more modular parts. Now, the customer or client can buy only the required pieces, making it not terribly expensive.

So, the pricing depends. If you have thousands of data sources to connect and manage, and you struggled with an MDM package in the past, you'll find BigID valuable and even cheap. But if you're a small business, it's probably not the right tool for you.

So, it depends on your goals, past experiences, business problems, and organizational direction. If you're in healthcare, technology, or manufacturing with tons of data sources to control, understand, and manage (data disposition, cataloging, reporting, GDPR/California compliance, etc.), and you have the right discipline and understanding of what you're trying to do, you'll find it inexpensive.

But without management commitment to using the tool effectively, it's like buying an expensive Oracle or SAP system and not getting the desired results.

My first question is: what are you trying to achieve? What business problem are you trying to solve? It's like asking if you should buy a calculator or Excel for basic math. A cheap calculator even does simple calculations! So, what's your goal?

If your answer is data inventory and starting your data governance journey, then BigID is absolutely worth exploring.

Overall, I would rate the solution a solid nine out of ten. Compared to the market, it's a ten. There are a few things I'd like it to do better, but they're working on it. So, nine now, with room to grow on.