March 15, 2022
Encryption

BigID & Atakama: A New Approach to Data Classification

There really isn’t a data discovery and classification standard; however, many organizations have their version of a data classification framework that classifies data based on its sensitivity and value. According to Gartner, many successful data classification programs use a variation of the simple three-classification approach: Public, Internal and Confidential. Organizations must be able to identify their data to develop and implement a defined framework of rules, processes, protections, and procedures for how their data is accessed, shared, stored, copied, and destroyed.

Data discovery and classification is essential from a compliance perspective because it provides a way for you to maintain the integrity of your data and helps you actually know what data you have. And data discovery and classification is no longer limited to companies seeking  to meet regulatory requirements, even though based on the growing number of fines being issued for various regulatory violations, data classification is needed more than ever. General Data Protection Regulation (GDPR) fines grew by 40% in 2020 to the tune of $193.4M, with more considerable fines to come in 2021.

While data classification tools help you understand what data you have and where it resides, implementing a layer of security is necessary to remediate the data.  According to Forrester, organizations need to inventory and classify their data across their environment, enforce access control, apply and enforce policy, and encrypt data regardless of location. “Data-centric security is supported by integrated security functions and consolidated controls that form a security ecosystem.” Combining data classification with encryption provides a complete security solution that allows  organizations to discover and secure critical data.  

The Broader Atakama x BigID Approach

The integration of Atakama's file encryption solution with BigID's data discovery and classification ensures that organizations can automate well-defined policies to discover, classify, and protect their data. Together, BigID and Atakama make it easy for customers to accelerate governance, reduce risk, protect their sensitive data with advanced encryption, and achieve continuous data compliance.

The joint solution mitigates two major concerns when it comes to data protection: eliminating user error by leveraging the unparalleled accuracy of data classification and identification provided by BigID, and enabling appropriate controls with Atakama’s protection that is optimized for the sensitivity of the data. Once sensitive information has been identified and labeled it in accordance with policy, Atakama takes the extra step by automatically encrypting the file based on its classification label. The process is fully automated and does not rely on user subjectivity.

Traditional encryption solutions are heavily dependent on identity and access management controls. Login credentials, which allow authorized users to wholesale access encrypted data, represent a single point of failure. Atakama enables the encryption of each individual file without reliance on usernames and passwords.

Each file encrypted with Atakama is protected with its own unique AES 256-bit key. Each key is then fragmented into “shards” that are distributed across physically separate devices (e.g., the users’ workstation and their smartphone). Atakama eliminates reliance on perimeter controls. Protected data remains accessible by authorized individuals only, all with an intuitive and user-friendly user experience. Atakama is easily deployed and installed within your existing environment, all without disrupting your existing user workflows. The result is an elegant and innovative solution.

Request a demo to learn more about Atakama's integration with data discovery and classification. 

background cta