BigID adds access governance targeted at sensitive data and privileges

Cloud data security and compliance provider, BigID, has announced adding an access governance capability to its existing offerings to help hunt down exposed sensitive data and overprivileged user accounts.

The capability is targeted at helping organizations improve security posture, mitigate insider risk, achieve zero trust security, and accelerate AI compliance, according to the company.

“What’s new and exciting about BigID’s access governance capability is its ability to provide an additional layer of visibility to identify where sensitive data lives across a customer’s entire environment, from on-prem to the cloud,” said Tyler Young, CISO at BigiD. “Customers can get visibility to overexposed sensitive data, or data shared externally. This can be done across all types of data, including unstructured AI data as well as structured analytics data, which can be highly sensitive and valuable.”

The access governance capability is available with launch to all of BigID’s customers and is part of the company’s existing Access Intelligence offering.

Support beyond exposure detection

The access governance capability, according to BigID, will help organizations unlock multifold benefits including access risk visibility, attack surface reduction, access right management, zero-trust enforcement, and insider risk mitigation.

“BigID’s mission has always been to empower our customers to take control of their data, wherever it lives and, as the data landscape becomes more complicated, securing access to sensitive information becomes critical,” said Young. “This means support for key data sources that typically contain sensitive data and files like Microsoft 365, AWS S3, on-premise SMB file shares, and more are mission critical. The importance here is being able to do this holistically in a centralized way across a hybrid environment.”

Apart from the visibility it provides into an organization’s sensitive permissions and exposed data, the capability is also aimed at assisting with the organization’s remediation efforts.

“BigID’s access governance capability doesn’t just detect overexposed data and overprivileged accounts, it also goes one step further,” Young added.“It can help facilitate access remediation management and actions by natively revoking access permissions to users and groups. BigID can manage remediation centrally, or delegate remediation out to other individuals, BigID applications, and tools via API integrations, in addition to opening up ITSM tickets.”

According to the company, BigID connects to and scans for sensitive data across multiple data sources and types, ranging from unstructured and structured data to mainframes, messaging apps, pipelines, big data, NoSQL, Cloud IaaS, SaaS, PaaS, applications, dev environments, etc. The Access Intelligence offering currently supports cloud on-prem data sources, including AWS S3, GDrive, GCS, Sharepoint, OneDrive, SMB, and Box.

AI tooling for AI battle

With the help of AI, the new capability offers the ability to classify sensitive and overexposed data based on context which can also be tailored based on a business’ organizational needs.

“BigID leverages proprietary advanced AI, ML, and NLP-based data classification techniques to classify more types of data, more accurately, at the enterprise scale,” Young said. “BigID provides customers the ability to customize classification to suit their unique data environment needs, and then fine-tune these classification models for unparalleled accuracy and scalability. This allows customers to get security and risk context and insights around sensitive data, including its sensitivity, location, residency, and accessibility.”

With the proliferation of AI, security, privacy, governance, and compliance risks concerning sensitive data exposure have heightened. This has pushed BigID to arm up specifically against AI-based threats, Young added.

“Specifically, generative AI, like large language models (LLMs), can inadvertently leverage sensitive, personal, regulated, and/or critical data as training data – which can create unwanted exposure, access, and use of such data,” Young said. “BigID is pioneering efforts to allow organizations the ability to discover, classify, and pinpoint data being used for AI purposes. Then, proactively mitigate unwanted exposure risk through the right governance controls, security policies, and risk remediation measures to meet the latest AI compliance mandates.”

BigID’s other AI-related effort includes the AI Identity Aware patent it has, which automatically connects a person’s name to their customer ID, birthday, and social security number, even when stored in different places.