Data security platform BigID has announced the release of a new automated, context-based data risk remediation recommendations capability to enable security teams to make informed decisions that reduce risks and elevate data security posture management (DSPM). The capability leverages an in-app recommendation engine that provides actionable insights for addressing critical data risks across environments at scale, indicating optimal remediation actions, according to BigID. The new remediation guidance will help customers accelerate data risk reduction and mitigate disruption, among other benefits, the firm said in a press release.
A range of factors including dispersed networks, diverse attack vectors, and resource constraints often hamper organizations’ ability to effectively respond to and remediate cyberthreats. Conversely, having a team in place with the right protocols and tools to respond to cyber risks has been shown to significantly reduce the costs and time required to identify/contain security incidents.
Risk remediation advice is based on data context, past actions
BigID’s new feature decides the best way to fix a problem by looking at the context of the data and what was carried out on similar types of sensitive data in the past, the company said in a blog post. “This simplifies the data risk remediation process significantly, enhancing your security team’s ability to bridge the gap between insights and action,” it added. This serves as a “lifeline” for making quick, informed decisions regarding data threats, according to BigID.
“Context-based remediation recommendation is a game-changer in the world of data security. It equips security teams with intelligent recommendations to swiftly and decisively respond to their biggest data risks,” commented Tyler Young, CISO, BigID.
Investments in AI, automation, and user-friendliness are designed to make data remediation workflows better, smarter, and more flexible, BigID said. According to the company, the recommendations will allow customers to:
- Accelerate SecOps by closing the gap between insight and action by automatically receiving recommended data risk remediation guidance.
- Enhance remediation decision-making across entire data environments with guidance based on data context such as sensitivity, location, accessibility, and past actions.
- Mitigate disruption by pinpointing the right steps to reduce data risks promptly, minimizing guesswork and human error to prevent disruption and maintain operations.
Remediation guidance covers insider threats, toxic/dark data risks
Examples of BigID’s data remediation recommendations at work include reducing insider threats and mitigating toxic/dark data risks, a company spokesperson tells CSO. They cite an insider risk scenario: There’s a highly sensitive document labeled super confidential that is open to everyone in the company – as well as some external parties such as contractors and third-party vendors. “BigID can set up policies to surface potential overexposed data sets, sources, and files (open or externally accessible), as well as over-privileged users. Based on access permissions and the context of the data, BigID’s data remediation capability will automatically trigger workflows to revoke access rights and fix permissions natively to reduce insider risk as well as external access,” the spokesperson says.
As for toxic data combinations, organizations often store multiple types of sensitive, personal information co-located within the same data source or table, increasing the magnitude of damages they receive if that organization ever gets breached, according to the BigID’s spokesperson. “BigID’s new data remediation recommendation capability can identify toxic data combination sets and then automatically trigger remediation workflows with data security partners to carry out the specific action, whether that’s to move, mask, or encrypt,” they add.
In the scenario of dark or shadow data that typically goes unused but can be highly sensitive in nature, elevating security risk by existing in the environment without proper safeguards around it, BigID identifies non-business critical sensitive data that should be removed from the organization. “Based on the context of the data, BigID’s new data remediation will recommend and then kick off an end-to-end data deletion workflow for minimization.”