For too long, privacy protection has been a security backwater. That is changing. Not only because of the introduction of regulations like EU GDPR intended to entrench data privacy accountability and transparency, but also because customers, consumers and companies have come to realize that they need to balance the risk and reward of digital data collection and processing.
Another reason is that privacy protection has been difficult and error-prone. Previously organizations didn’t have a clear view of where their sensitive identity data was sitting or how it was being used. Surveys and spreadsheets could only carry companies so far when it comes to data protection.
Privacy’s prominence is undergoing a profound shift, and we at BigID are experiencing this shift in a direct way. At this year’s RSA Conference, the information security industry’s largest gathering, BigID was voted the winner of the Innovation Sandbox, out of a total of ten cutting-edge companies.
Privacy Moves Beyond Policy and Process
We see this recognition not only as a validation of our vision when we set out to focus on privacy protection two years ago, the value of our data-centric approach, but also that taking on privacy protection means taking a product approach.
In the past, companies have tried to address privacy protection by trying to reconcile two hamfisted approaches. IT and security tried to identify identity data with tools built for finding PCI-era payment card information even though the definitional of personal information is far broader than PII and those tools had no person context. Conversely, privacy officers and legal teams settled for surveys and spreadsheets to confirm data usage.
BigID has set out to change the efficacy of privacy protection. If the purpose of regulations like GDPR is to protect data, then data knowledge is essential. This means data-driven compliance and governance of personal information. BigID for the first time provides security, data, risk, compliance and privacy professionals an accurate and relevant representation of what personal data they have, how that data is getting used and the tools needed to secure identity data whether being stored, shared or analyzed.
GDPR and The Dawning of the Privacy Age
At its heart, privacy is a data problem. For the last decade or so, companies have had the opportunity to collect and process vast amounts of data, that was practically inconceivable before. Big Data innovations gave companies new approaches for squeezing insight from this data. BigID gives companies new approaches for achieving this goal in a secure, privacy-by-design way.
Consumers buy from companies they trust. BigID gives companies the privacy product to help them better safeguard their customer data and become better stewards of that information. GDPR has shown a spotlight on the problem of privacy protection and data accountability. But GDPR is the start, not the finish. As everything shifts online, privacy protection will be a defining 21st-century problem. We here at BigID are excited to be at the forefront of this new privacy protection age.