Mickey Martin
November 21, 2023
In a recent announcement, BigID and PlainID unveiled their strategic partnership, offering a comprehensive solution to enhance data security and access control. For security and identity-centric stakeholders tasked with safeguarding their organizations’ sensitive data, this collaboration represents a significant step forward in data protection.
BigID, renowned for its world-class data discovery and cataloging capabilities, excels in identifying and classifying all data within an enterprise – including both structured and unstructured data. Following a comprehensive data discovery process, BigID assists its customers in identifying data subject to various regulations and privacy laws, such as personally identifiable information (PII), or financial data. This invaluable insight provides organizations with a roadmap for prioritizing their data security efforts. It helps them pinpoint which databases, storage mediums, and data collections require immediate attention and enables them to track the implementation of compliant data controls.
In today’s data-driven world, where data volumes are growing exponentially, data catalogs have become indispensable for effective data security. However, the challenge lies in translating data categorization and prioritization into actionable data protection strategies. How can data be safeguarded based on its labels, especially as it moves across various layers of operations?
This is where PlainID helps enterprises address the last mile in securing access to data. The PlainID Authorization Platform allows you to integrate BigID’s data catalog into your security framework, enabling you to apply labels such as “PII” or “financial sensitive” to your data access control policies, or access decisioning.
The PlainID Authorization Platform comprises four key components:
- Policy Administration Point (PAP)
- Policy Decision Point (PDP)
- Policy Information Point (PIP)
- PlainID Authorizers (i.e. out-of-the-box integrations for technology-specific enforcement)
These components enable customers to create policies in plain language, such as “Managers cannot access Sensitive PII of their employees,” and enforce these policies seamlessly from the application layer, down to the data tier.
In addition, PlainID allows you to apply risk-based or contextual controls to policies. For example, you can modify the previous policy for managers to state, “Managers can only access Sensitive PII of their employees when connected to the company VPN.” In this scenario, access to data labeled as “Sensitive PII” will be masked or blocked when managers are not on the VPN, but it will be allowed when accessed through the VPN. Additionally, you can integrate endpoint protection software to verify that the manager is on a trusted device while accessing data.
Once a policy is created in PlainID, decisions are made by the PDP and enforced by Authorizers. However, it is the role of the PIP to gather the necessary information to make informed decisions. This is where the integration with BigID is invaluable. If your organization aims to protect all “Sensitive PII,” PlainID addresses this by referring to BigID’s data catalog to identify which columns, keys, and collections are classified as sensitive. This critical data classification informs policy enforcement, whether it involves blocking a REST call at the API layer, modifying queries in the microservices layer, or directly restricting access at the data tier.
BigID’s strength lies in cataloging data in any form, while PlainID excels in safeguarding digital assets across various layers and forms. This partnership goes beyond traditional data access control platforms by ensuring consistent protection of digital assets from the application layer down to the data layer.
In summary, the partnership between BigID and PlainID ensures the comprehensive and standardized protection of your organization’s data, which is the lifeline of every company. This collaboration enhances security, provides assurance, and offers peace of mind that your digital assets are secure.
Get a demo and learn more on how to elevate data security across your enterprise ecosystem, align with regulations, and safeguard sensitive information more effectively.