What is our primary use case?
I work in an area focused on data protection. Currently, in my practice, more than five to six projects use BigID.
In the client's data source, there may be sensitive information. Each country has its own data protection laws and encryption standards. We scanned every database using BigID, both structured and unstructured.
After scanning, we could properly categorize the data and identify sensitive information. BigID has built-in functions that show where the data is. We sent this information to the client with suggestions for suitable encryption standards for their specific data, whether it's plain text or encrypted.
How has it helped my organization?
My organization had a joint venture with BigID, which is the main reason we chose it. Another reason is the support from the BigID team. BigID has frequent updates compared to other products and provides a dedicated support team for developers.
We can integrate any new product via API connection into ticketing, even if the product is not well-known or brand new. We can also easily update to the latest version or choose an older version if needed.
These updates can be done independently, without relying on a standard technician or developer. BigID is flexible, so we can upgrade our services as needed, allowing consultants to manage the tasks.
Data discovery capabilities:
BigID offers different scan types for data discovery. The most powerful one is the full scan, which scans both data and metadata. However, the metadata scan is faster in comparison.
For instance, if a scan is estimated to take three or four days, and it lags behind on the second day, we can skip that module and resume with other modules without disrupting the ongoing scan.
Even if the scan is 90% complete, we can export the data and begin our process. The e-discovery feature has been very useful for us.
What is most valuable?
The main use cases involve APM integrations, allowing us to accommodate queries with the necessary tools seamlessly.
Another advantage is the ability to process millions of data points quickly using various scan types like full scan and metadata scan, which are adaptable to our specific needs. These scan types are highly beneficial and offer more flexibility compared to similar products with standard scan options.
Additionally, BigID's Redex operations enable us to create new rules and run scans across different data sources, tailored to our specific use cases. In our case, we primarily utilize it to scan client data sources.
Features that helped to enhance the data governance aspect:
- I like the predefined sensitive information labels in BigID. They are not generic; for example, for PHI information, they specify exactly what PHI terms to scan for.
- Additionally, BigID offers data protection loss-wise options, and we can add our own labels using InfoMetrics as needed.
- The BigID support team is also crucial. They have weekly sync-up calls to help us resolve any issues we encounter with the product promptly. This level of support is very important.
These security labels, in particular, are a significant reason why many organizations, including ours, prefer BigID. The security labels are indeed very useful.
What needs improvement?
The interface has been updated and looks good. Earlier, it was bit outdated.
One concern I have with BigID is regarding certain scans, like the multi-scan. The issue is that we can stop and retrieve these scans, but once they start, they go through an enumeration process. This process doesn't show an exact timeline, so we can't estimate its duration. In previous versions, I believe there was an estimated time for this process, but the new update seems to have removed it.
The other concern is the price. The comprehensive support and features come at a premium cost. Additionally, deployment and access for all users could be improved. Currently, it seems to be centralized, and perhaps it could be deployed for individual devices as well.
For how long have I used the solution?
I worked on a six-month project with BigID. It's a dedicated tool for scanning structured and unstructured data.
I've switched projects recently, but I used BigID until a month and a half ago. However, I still have some BigID certifications and frequently use it for API integration and other tasks.
What do I think about the stability of the solution?
I had no issues with the stability. The reason being BigID provides comprehensive onboarding, including learning resources, URLs, and virtual training, allowing us to gain hands-on experience in a replica environment before using the production version.
There is also a BigID certification program to ensure proficiency. We utilize this training environment for testing and experimentation before applying it in production. This approach is efficient and helps familiarize users with the product. BigID is user-friendly and easy to use, not complicated.
What do I think about the scalability of the solution?
While we use the product, once the data nodes are all completed, we need to export the data and use Power BI, Tableau, or Looker Studio to visualize it. The data is not readily available in a presentable format, which is time-consuming and a limitation.
It won't be in Excel or a similar format; it will be available for presentation to clients. We need to explore the data and do a few things. That's because it's time-consuming and a limitation of BigID.
But in a recent update, BigID integrated with Looker Studio. At the time of data conversion and application, it wasn't responding well. I think we can now handle it inside BigID itself. Anyway, that was an issue, but right now, it's fine.
How are customer service and support?
We have console support from the team. If we are unable to implement something within the product, we can ask them, and they will add the feature. So, I don't feel any limitations in what we are currently doing, such as e-discovery processes for structured and unstructured data.
BigID supports all data types, complies with various laws and standards that enables sensitive information, and allows customization, including creating our own labels. I don't feel any kind of limitations.
BigID's customer service support have two levels of support. Initially, the developer assigned to our cloud instance provides technical assistance. If they cannot resolve the issue at the UI level, they involve a second-layer developer.
However, with a higher subscription, we only receive developer support for a limited time, like two or three months. After that, additional support requires an extra charge. Despite this, the support has been good so far, and they always find a solution for our issues.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
Most organizations use Microsoft Purview, and many of our clients have licenses for it. Being a Microsoft product, it has advantages.
With BigID, we need to pull data from sources and integrate it before scanning. If it's a Microsoft product and the data amount is small, we can replace it. Microsoft Purview can automatically identify data without the need for extensive scans.
How was the initial setup?
Since it is a cloud-based product, they have a separate server assigned for deployment. They provide virtual machines based on our recommendations, and their technical team handles everything.
We don't need to do anything technical; we just use the URL they provide, along with our credentials in Autologics, to access and use the scans. It's a very simple process.
Timeframe to set up this product:
The deployment itself took about three to four hours minimum. The total time depends on the number of data tools linked and the amount of data. I wasn't part of the initial deployment, but in my experience, it can take around three to six hours.
Maintenance:
The maintenance provided by the BigID team. They offer two different packages. We opted for the higher-priced option, which includes software services, automatic upgrades, and fixes.
With the lower-priced option, manual updates with scripts are required. However, I recently heard that they now provide everything through their executive team, which is a good upgrade.
What was our ROI?
We use BigID for our reviews, and our organization has a joint venture with them. We use other tools as well, such as Microsoft Purview, alongside BigID. However, BigID performs better due to its superior API integration capabilities.
What's my experience with pricing, setup cost, and licensing?
It is used in an MNC. But, based on my research, it is competitively priced compared to market standards. It is worth the money.
What other advice do I have?
Compared to other products, more people are familiar with BigID. BigID was not as familiar to some people working with technologies because it was used by a closed group. The BigID support team is doing their best, and that's my personal experience. However, BigID wasn't that familiar to some people because it deals with specific areas like skill, regulation, automation, and governance. They need to do more to educate people about data.
One issue we experienced was with the scripts being in YAML format, which some people didn't understand. It would also be helpful if they could address issues related to entity and space sensitivity in the cloud. We've encountered errors when exceeding storage limits, and we haven't found a solution yet.
Overall, I would recommend BigID. If they are dealing with a large amount of data, if they need to scan all data sources, regardless of format, then BigID would be a suitable product for them.
Overall, I would rate the product an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
How are you guys handling false positives? Our application teams are complaining about false positives. They are rejecting the field in classifier tuning, but it has certain limitations