BigID is an active member of the Cloud Security Alliance, dedicated to evolving and maintaining best practices to help ensure a secure cloud computing environment. The Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing that covers all key aspects of the cloud technology and is mapped to over 40 other standards and regulations. BigID has invested heavily in this research and process and have posted our completed CAIQ Self-assessment on the CSA STAR Registry.
BigID is committed to security – and aligned to the International Standards Organization (ISO) 27001 standard, an internationally recognized framework for best practices in information security management. ISO 27001 alignment implements standards to help protect the confidentiality, integrity, and availability of an organization’s data.
BigID is SOC 2 (System and Organization Controls 2) certified, establishing that it is designed to keep its clients’ sensitive data secure. BigID puts the security and privacy of our customers first, with established processes, people, and frameworks to keep data secure.
BigID’s SOC3 Report is a general use report outlining the security, confidentiality, availability, and privacy controls we have in place to protect customer data.
BigID can help companies meet all 14 controls of the EDM Council’s Cloud Data Management Capabilities. These controls range from discovery, catalog, classification, retention, privacy and security.
In order to enable companies to discover all of their data regardless of where it lives, BigID is the first Data Security product that is fully compliant to be deployed in PCI environments (cloud or on-prem). Our PCI compliance demonstrates how seriously we take security and that our security controls have been tested by an independent assessor.
TX-RAMP Level 2 certification is a rigorous security standard established by the Texas Department of Information Resources (DIR) for cloud computing services that process, store, or transmit confidential or regulated data in moderate or high-impact systems of Texas state agencies.
In essence, it’s a way for the State of Texas to ensure that cloud vendors handling sensitive government data meet a high bar for cybersecurity. It’s based on the NIST 800-53 Moderate Impact Baseline assessment, which includes 223 security controls.
Cloud service providers (CSPs) seeking Level 2 certification must undergo a thorough assessment and continuously monitor their security posture. This often involves extensive documentation, providing evidence of security controls, and submitting quarterly vulnerability reports.
Wiz recognizes BigID as a member of their Zero Critical Club, signifying that our cloud product has zero critical issues, including cloud misconfigurations, compliance controls, and vulnerabilities.
Get a custom demo with our data experts in privacy, protection, and perspective – and see BigID in action.
