BigID lands in the right place at the right time with GDPR

Every startup needs a little skill and a little luck. BigID, a NYC-based data governance solution has been blessed with both. The company, which helps customers identify sensitive data in big data stores, launched at just about the same time that the EU announced the GDPR data privacy regulations. Today, the company is having trouble keeping up with the business.

While you can’t discount that timing element, you have to have a product that actually solves a problem and BigID appears to meet that criteria. “This how the market is changing by having and demanding more technology-based controls over how data is being used,” company CEO and co-founder Dimitri Sirota told TechCrunch.

Sirota’s company enables customers to identify the most sensitive data from among vast stores of data. In fact, he says some customers have hundreds of millions of users, but their unique advantage is having built the solution more recently. That provides a modern architecture that can scale to meet these big data requirements, while identifying the data that requires your attention in a way that legacy systems just aren’t prepared to do.

“When we first started talking about this [in 2016] people didn’t grok it. They didn’t understand why you would need a privacy-centric approach. Even after 2016 when GDPR passed, most people didn’t see this. [Today] we are seeing a secular change. The assets they collect are valuable, but also incredibly toxic,” he said. It is the responsibility of the data owner to identify and protect the personal data under their purview under the GDPR rules, and that creates a data double-edged sword because you don’t want to be fined for failing to comply.

[gallery ids="1626008,1626009,1626010,1626011,1626012"]

GDPR is a set of data privacy regulations that are set to take effect in the European Union at the end of May. Companies have to comply with these rules or could face stiff fines. The thing is GDPR could be just the beginning. The company is seeing similar data privacy regulations in Canada, Australia, China and Japan. Something akin go this could also be coming to the United States after Facebook CEO, Mark Zuckerberg appeared before Congress earlier this month. At the very least we could see state-level privacy laws in the US, Sirota said.

Sirota says there are challenges getting funded as a NYC startup because there hadn’t been a strong big enterprise ecosystem in place until recently, but that’s changing. “Starting an enterprise company in New York is challenging. Ed Sim from Boldstart [A New York City early stage VC firm that invests in enterprise startups] has helped educate through investment and partnerships. More challenging, but it’s reaching a new level now,” he said.

The company launched in 2016 and has raised $16.1 million to date. It scored the bulk of that in a $14 million round at the end of January. Just this week at the RSAC Sandbox competition at the RSA Conference in San Francisco, BigID was named the Most Innovative Startup in a big recognition of the work they are doing around GDPR.