Post on 23-Dec-2015
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
ELIMINATING DATA SECURITY THREATS
Presented by: Michael Hartman
ABOUT VARONIS
Founded in 2004, started operations in 2005
Over 1800 Customers
Over 4500 installations
Offices on 6 continents
Based on patented technology and a highly accurate analytics
engine, Varonis solutions give organizations total visibility and
control over their unstructured data, ensuring that only the
right users have access to the right data at all times from all
devices, all use is monitored, and abuse is flagged.
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
Data?
What data?
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
650% growth in the next 5 years!
UNSTRUCTURED DATA
PERCENTAGE OF THE DIGITAL UNIVERSE
Security-IntenseCompliance-Intense
Preservation-Intense
0%
10%
20%
30%
40%
50%2007 2011
Source: IDC
Can IT answer?
Who has access to this folder?
Which folders does this user
or group have access to?
Who has been accessing this
folder?
Which data is sensitive?
Who is the data owner?
Where is my sensitive data
overexposed?
How do I fix it?
Where do I begin?
DATA EXPLOSION – ARE WE READY?
91% Lack processes for
determining data
ownership
76%Unable to determine who
can access unstructured
data
Varonis Systems. Proprietary and confidential.
+ Data+ Collaboration
+ Cross-Functional Teams
+ Security
Requirements=
MORE ContainersMORE ACLs
MORE Management
SOURCE: PONEMON INSTITUTE
MORE
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
SURVEY: 22% REPORTED A DATA BREACH
Breached22%
Not Breached
78%
Data Breaches
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
$7.2 MILLION PER BREACH
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
43% OF BREACHES BY “TRUSTED” INSIDERS
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
SECURE COLLABORATION MAXIMIZES VALUE
Too much access
UncontrolledCollaboration
No AccessNo Collaboration
MaximumValue
Negative Value (Damage)
Correct AccessCorrect AuditingNo Value
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
So, how do we protect our data?
DATA PROTECTION FLOW
Authentication
Users are who they say they are
Authorization
Users have access to only what they need
Auditing
Monitor actual access
Alert
On unusual activityVaronis Systems. Proprietary and confidential.
Authentication
Authorization Auditing
ALERT!
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
IF WE DO THAT…
Access is controlled
No one gets access to data who shouldn’t
No data is exposed to people that shouldn’t see it
Access is monitored
No one can access data without it being logged
Logs are inspected (with automation)
Unusual activity is flagged
Humans can investigate the right things
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
What might this look like?
PERMISSIONS - BI-DIRECTIONAL VISIBILITY
Varonis Systems. Proprietary and confidential.
AUDIT TRAIL
Varonis Systems. Proprietary and confidential.
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
QUOTE FROM A CSO ON DLP
“Yesterday I had one
problem: where’s my
sensitive data?
Today I have 193,000
problems.”
ACTIONABLE DATA
Varonis Systems. Proprietary and confidential.
Sensitive Data Exposed Data• Prioritized list of folders that should be
addressedTop folders that contain a large percentage of sensitive data
-AND-
Have excessive/loose permissions
ACTIVITY ANALYSIS
Varonis Systems. Proprietary and confidential.
• Most/Least Active Users• Most/Least Active Directories• Anomalous Behavior
• Most/Least Active Users• Most/Least Active Directories• Anomalous Behavior
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
RECOMMENDATIONS AND MODELING
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
HBR ON DATA OWNERS
You don't manage people assets the same way you manage capital assets. Nor should you manage data assets in the same way you manage technology
assets. This may be the most fundamental reason for moving responsibility for data out of IT.
http://blogs.hbr.org/cs/2012/10/get_responsiblity_for_data_out.html
DATA OWNERSHIP IDENTIFICATION
Varonis Systems. Proprietary and confidential.
Active UsersActive Users
REPORTS – AUTOMATIC FOR OWNERS
Varonis Systems. Proprietary and confidential.
PermissionsPermissions
ActivityActivity
IMPROVING DATA SECURITY WITH AUTOMATION
Data is accessible to only the right users
Access is reviewed regularly
Owners will be identified based on metadata, assigned,
tracked & involved
Permissions reports will be created and sent automatically
User access is audited continuously
User access is analyzed automatically
Unused data is automatically moved or deleted
Varonis Systems. Proprietary and confidential.
REDUCED RISK, BETTER PROCESS
Varonis Systems. Proprietary and confidential.
Trust• Access is restricted• Data owners
identified• Owners Review
Access
Verify• Access Audited• Usage analyzed• Less will arrive at
endpoints
VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.
Free 30 day trial!Assess your company’s data security threats.