As data privacy becomes an increasingly important notion, especially with the EU’s GDPR privacy laws coming online in May, companies need to find ways to understand their customer’s private data. BigID thinks it has a solution and it landed a $14 million Series A investment today to help grow the idea.
Comcast Ventures, SAP (via SAP.io), ClearSky Security Fund and one of the company’s seed round investors, BOLDstart Ventures, all participated in the investment. The deal closed last week. Today’s investment on top of the $2.1 million seed round in 2016 brings the total raised to $16.1 million.
CEO and co-founder Dimitri Sirota says before companies can do anything with their data, they have to understand what they have. The starting point therefore is creating a catalogue of private data types you need to protect without actually moving the data.
“Think of us as Google for data. We index the information, figure out what information belongs to what entity, the data subject [and so forth], but it’s all virtual. We don’t copy it. It stays wherever it was,” Sirota explained.
The company can search across multiple big data stores, find private information for individuals across different sources, map the relationships across sources, see how data flows across different geographies and help customers comply with local data privacy regulations.
And he says the solution supports a variety of data formats out of the box whether that’s MongoDB, Cassandra, a cloud service like AWS or Azure or an enterprise software package like SAP. It also provides a generic connector that customers can customize to connect to unsupported data stores. It typically takes a couple of weeks to add a new one. BigID is also constantly working on expanding supported data types and updates the product on a regular basis, according to Sirota.
The solution is offered in a subscription model delivered as a Docker image. Most customers so far have opted to install it behind their firewall.
While the company’s data identification and compliance solution maps well to GDPR compliance rules, Sirota said they didn’t set to out solve one compliance problem. They wanted to build a product to help companies be “better stewards of private customer information.”
The company hired its first engineer in March, 2016 and GDPR regulations passed in April 2016. That bit of serendipity helped the company build something that was GDPR compliant. “While we don’t call ourselves explicitly a GDPR solution, we do cover a lot of the requirements,” he told TechCrunch.
The company is still young with 16 employees spread across two offices in NYC and Tel Aviv, which houses the company engineering department. It plans to expand the number of employees in the coming year with today’s investment.
It has around two dozen initial customers. While Sirota wouldn’t name specific ones just yet, he did say the list includes Dow 30 companies, big web scale companies and large systems integrators.