Improving Data Governance posture with Delphix and BigID

By Himanshu Pawar posted 06-23-2021 07:44:18 AM

  

Delphix and Big-ID

Product Snapshot & Overview

https://bigid.com/topics/big-ideas/ Delphix Logo


All logos are registered trademarks and property of corresponding owners.

Introduction 


Data masking has never been more relevant. With data breaches continuing to make headlines and the emergence of stringent data privacy regulations, businesses across all industries must manage their data with greater caution and sensitivity. Not protecting personal, health, and sensitive information in compliance with data privacy regulations, such as GDPR, LGPD, and HIPAA, results in heavy fines and lasting reputational damage. Exacerbating the challenge of protecting confidential data is the rapid increase in enterprise data volumes, particularly as data sprawl across environments used for development, testing, analytics, and other “non-production” use cases. Recent research estimates that businesses typically create over ten copies that multiply their overall surface area of risk for every copy of production data. 


Additionally knowing the data landscape means learning about your metadata and obligations around it. Big ID provides insights into organizational data. This is a key input to any Data Governance Program.


Business challenges

Data Masking addresses a variety of large corporate challenges, including Regulatory Compliance, the avoidance of fines, brand preservation, the avoidance of ransomware attacks, stemming data leakage, and customer churn.  Knowing where your data is, what needs to be protected, and protecting it in a way that preserves value and is applicable at scale is a challenge for almost every company.  


Security-minded organizations are adopting data masking as a solution for protecting these copies. In fact, masking technology is fast becoming a part of the reference architecture for organizations seeking a holistic approach for managing and securing data across the entire enterprise.


The technical challenges that most companies face include:

  • Discovery: being able to inspect both data and metadata at an enterprise scale.
  • Inspection: being able to discern what requires protection in a way that comprehensively uncovers the hidden pockets where sensitive data hides.  This “hidden” data is larger than their estimate of the data they already know they need to protect for many organizations. 
  • Mitigation: being able to assign an algorithm to protect the data based on the data’s own characteristics, and then execute that algorithm to mask the data.
  • Evolution: Being able to repeat this problem often without interrupting the flow of business, as both the data and the regulations around them evolve at a rapid pace.
  • Integrity: ensuring that when data is masked, that it is still usable for the user who receives it.  Data redacted with “X”s may be great for protection, but may hamper the feature delivery process and cause a huge productivity loss.  Or, preserving some statistical patterns while still protecting data may be crucial to a Quantitative Developer.
  • Scale: being able to take this scheme to scale across the many, heterogeneous places and platforms where data lives, to do so at speed or to meet specific Service Level Objectives, and to be able to repeat that again and again.

 

The data Discovery part is where Delphix integrates with BigID. Delphix provides a real-time data sensitivity analysis to Big ID, which in turn enables users with additional functionality like data lineage. It also enables better controls like Consent management, Sharing, etc.

The Basics: Delphix and Big-ID at a Glance

Delphix at a Glance


The Delphix Data Platform provides a comprehensive approach to data masking that meets enterprise-class performance, scalability, and security requirements. Delphix enables businesses to successfully protect sensitive data through these key steps: 


  • Profiling Sensitive Data: Identify sensitive information such as names, email addresses, and payment information to provide an enterprise-wide view of risk and to pinpoint targets for masking. Delphix provides granular visibility into data sensitivity and provides a view of how data should be managed to Big ID. Big ID in turn works with Data governance products like Collibra to make compliance possible in all avenues of IT.
  • Securing Sensitive Data: Apply masking to transform sensitive data values into fictitious yet realistic equivalents while still preserving the data's business value and referential integrity for use cases such as development and testing. Unlike approaches that leverage encryption, masking ensures that transformed data is still usable in non-production environments and entails an irreversible process that prevents original data from being restored through decryption keys or other means. 
  • Scaling and Integration: Extend the solution to meet enterprise security requirements and integrate into critical workflows (e.g. for SDLC use cases or compliance processes). 

Taken together, these capabilities allow businesses to define, manage, and apply security policies from a single point of control across large, complex data estates. Delphix can enable global operations with support for international addresses and character sets. Moreover, Delphix masking is quickly configured and deployed via GUI-driven workflows without requiring any specialized programming expertise or lengthy service engagements.


Big-ID at a Glance


BigID’s data intelligence platform enables organizations to know their enterprise data and take action for privacy, protection, and perspective.  Customers deploy BigID to proactively discover, manage, protect, and get more value from their regulated, sensitive, and personal data across their data landscape.  Big-ID does this in four ways:

  • Discovery: Find PI/PII sensitive data using 4 key capabilities: Catalog, Cluster, Classify, and Correlate.
  • Privacy: Leverage a data-centric policy engine and automate data rights, monitor data transfer/sovereignty, build an inventory of PII, track and document info sharing for regulatory compliance, track consent, and present this.
  • Protection: Discover “dark data”, control over-privileged file access, delegate remediation, automate labeling, manage incident response, and conduct a data risk analysis.
  • Perspective: Scale data stewardship, profile data, manage data retention, and exchange and enrich metadata with other tools (Atlassian, ASG, Collibra, etc.)

Comparing Capabilities

Delphix and Big-ID share some common capabilities and several distinct capabilities.  Big-Id is primarily data governance and privacy management solution which focuses on key capabilities including Data Discovery, Data Cataloguing, Data Stewardship, Regulatory Compliance Risk Reporting and Analysis, and some Metadata exchange.  Delphix is primarily a Data Masking and Data Transformation solution that focuses on key capabilities including Data Profiling, Data Masking, and Masked Data Distribution.


In general, the overlap between Delphix and Big-ID is in the profiling space.  Both Delphix and Big-ID use intelligent Data Profiling to understand what data should be protected.  Although Big-ID does have some remediation features, they are not in the Data Masking/Data Transformation capability space. For granular protection and transforming data at an organizational level BigID partners with Delphix.  Big-ID does not have any capabilities in data virtualization, masked data distribution, or masking at enterprise scale.


When Delphix is used alongside Big-ID, it is typically because an organization has decided to use Big-ID to manage their data catalog and privacy response, and want to be able to share both Big-ID’s discovery of fields with Delphix, as well as to allow Delphix to share the similar discovery with Big-ID.  This is a similar kind of meta-data exchange that may occur with other solutions in this space, like Collibra.


As the overlap between the capability space of the two tools is thin and generally limited to profiling data, Delphix and Big-ID are typically not seen as competitors.

Integrating Delphix with Big-ID


Both platforms provide a detailed API-based exchange where Delphix can execute discovery on a source and can push inventories to Big ID, alternatively in many scenarios Delphix can receive the sensitive classification and labeling information from Big ID and executes remediation.


Illustration



Citations

 

  1. Big ID: https://bigid.com/topics/big-ideas/, https://bigid.com/partner/collibra-integration/
  2. Delphix: https://www.delphix.com/resources/blog
  3. NIST: https://www.nist.gov/privacy-framework




#governance
#compliance
0 comments
11 views

Permalink