varonis - dss @vilnius 2010
Post on 19-Oct-2014
1.272 views
DESCRIPTION
Varonis Systems works in previously never solved but important area of security - the high risk of access and usage of our unstructured data. Windows / Unix / Linux fileservers, Microsoft Exchange, Microsoft Sharepoint, NAS and so on holds millions of PDF's, PPT's, DOC's, XLS's and other unstructured information which without Varonis Systems DatAdvantage is hard to manage.TRANSCRIPT
© 2008 Varonis Systems. Proprietary and confidential. © 2008 Varonis Systems. Proprietary and confidential.
VARONIS – Importance of management of
unstructured data
Edward Wasilchin, Regional Manager Scandinavia & Baltics
M; +46708105878 | Email; [email protected]
What is information security
© 2008 Varonis Systems. Proprietary and confidential.
Page 2
RIGHT information
RIGHT user
RIGHT time
PERCENTAGE OF THE DIGITAL UNIVERSE
Security-Intense Compliance- Intense
Preservation- Intense
0%
10%
20%
30%
40%
50% 2007 2011
Source: IDC
© 2010 Varonis Systems. Proprietary and confidential.
Unstructured data explosion
80% of all data is
unstructured or semi-structured
650% growth over
the next 5 years
Source: Gartner Jan 2010
Risks, controls & regulations
© 2010 Varonis Systems. Proprietary and confidential.
Page 4
• File System data is at great risk for loss, theft, and misuse
• Access configuration changes are untested
High Risk Levels
• Many access controls are “loose,” even broken
• No audit trail exists
• More than half of data has no known business owner
File System Control Gaps
• BASEL II
• PCI
• Sarbanes Oxley/EURO SOX
Regulatory Requirements
Multiple collaboration platforms
Windows UNIX SharePoint
NAS Exchange
© 2010 Varonis Systems. Proprietary and confidential.
Page 5
© 2008 Varonis Systems. Proprietary and confidential.
Access controls protect unstructured data
• Authentication: Who you are
• Authorization: What you can do
• Auditing: What you did
© 2008 Varonis Systems. Proprietary and confidential.
Why Unstructured Data Is At Risk
Reality: Nearly 100% of organizations today are NOT able
to realize effective and rightful access to business data.
Access rights are “inherited” not warranted.
Roles change constantly
(job change, promotion, project) Data access has no business
context (read, write, execute)
Question: What links users to data?
Answer: People without context for
data ownership or rightful data use
Data/File Servers Directory name
File type
Access Controls
(Read, Write, etc.)
User/
Directory Services Name
Department
Group Membership
Other identity info, etc.
File
Server
Admins
Security
Admins
IT
Helpdesk
Directory
Managers
Information security starts here
• RIGHT information RIGHT user RIGHT time
• Generates questions like;
Who CAN access information?
Who IS accessing information?
Who SHOULD have access to information?
Who is the OWNER?
Where is my CRITICAL information?
© 2008 Varonis Systems. Proprietary and confidential.
Page 8
© 2008 Varonis Systems. Proprietary and confidential.
Question 1; Who has access?
Windows
Sharepoint
UNIX
NAS
TODAY
Manually
© 2008 Varonis Systems. Proprietary and confidential.
With VARONIS; Dynamic Bi-Directional Visibility
Data…
Users/Groups…
to Users/Groups to Data
Sharepoint
UNIX
NAS
Windows
© 2008 Varonis Systems. Proprietary and confidential.
Question 2; Who is accessing?
TODAY
Silo Based
Access Logs
Windows
Sharepoint
UNIX
NAS
© 2008 Varonis Systems. Proprietary and confidential.
With VARONIS; Full Audit Trail
Search, Sort, and Group
© 2008 Varonis Systems. Proprietary and confidential.
Question 3; Who SHOULD have access?
TODAY
Permission
Revocation – Manual error
prune processes!
© 2008 Varonis Systems. Proprietary and confidential.
With VARONIS; Actionable Recommendations
Excess Permissions?
By User
What if?
© 2008 Varonis Systems. Proprietary and confidential.
Question 4; Who is the DATAOWNER?
TODAY
Ask someone!
© 2008 Varonis Systems. Proprietary and confidential.
With VARONIS; Data Ownership Identification
Active Users
© 2008 Varonis Systems. Proprietary and confidential.
With VARONIS; Business Oriented and Automated
Authorization Workflow
© 2008 Varonis Systems. Proprietary and confidential.
Question 5; Where is my CRITICAL data and WHO has access?
TODAY
Complex DLP
Suites/Tools
With VARONIS; Identify Risk – Over-exposed Sensitive Data
© 2008 Varonis Systems. Proprietary and confidential. © 2008 Varonis Systems. Proprietary and confidential.
Page 21
Varonis & Its Customers
About Varonis Systems Inc
• Varonis Systems Inc
leading innovator in comprehensive Data Governance
Est. 2005
220 Employees
HQ in NYC USA
12 Offices WW
2 Support centers
70% YoY Growth
2
• Effective and scalable data access control
• Increased and consistent data protection
• Reduction in the cost and complexity of data control
• Comprehensive and granular audit of data use
Data Governance “Framework of people,
permissions and
processes that are
employed in proper data
use for:
© 2008 Varonis Systems. Proprietary and confidential.
Who Needs Varonis Data Governance?
Varonis Publicly Referenced Customers
Over 1000 Customers & 3000 Installations…and growing!
Solutions are relevant for all sizes of companies in all industries
The Business Value of Varonis Solutions
• Increased data protection
Automation reduces errors & keeps up with ever increasing data volume
Intelligence guides decision-making
Continuous auditing improves accountability
Proper access control limits risk of data loss
• Improved operational efficiency
Fully leverages existing IT investments (storage, user directories, etc.)
Saves 90% of the time it takes to review entitlements
Generates audit reports in seconds
© 2008 Varonis Systems. Proprietary and confidential.
Users Data
Automated
Data Entitlement
Varonis
Cut Time & Cost of Managing
Data Entitlement
4
Want to know for yourself?
© 2008 Varonis Systems. Proprietary and confidential.
Page 25
• DSS offers free audit of your environment;
Who CAN access information?
Who IS accessing information?
Who SHOULD have access to information?
Who is the OWNER?
Where is my CRITICAL information?