BRING YOUR OWN SERVICE THE EFFECTS OF CLOUD SERVICES ON COMPLIANCE AND DATA PROTECTION VARONIS...

BRING YOUR OWN SERVICETHE EFFECTS OF CLOUD SERVICES ON COMPLIANCE AND DATA PROTECTION

VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.

ABOUT VARONIS

Founded in 2004, started operations in 2005

Over 1800 Customers

Over 4500 installations

Offices on 6 continents

Based on patented technology and a highly accurate

analytics engine, Varonis solutions give organizations

total visibility and control over their unstructured data,

ensuring that only the right users have access to the

right data at all times from all devices, all use is

monitored, and abuse is flagged.


BRING YOUR OWN DEVICE

BRING YOUR OWN SERVICE

EXAMPLE: CLOUD FILE SHARING EXPLOSION

Public cloud file sharing has exploded

As of November 2012, Dropbox claimed

to have 100,000,000 customers


WHY DO PEOPLE LOVE DROPBOX?

It’s easy!

You have a folder

You put stuff in it

It syncs

With all your devices

With the people you want to share with

Services like this make BYOD work

…but does BYOS work for business?


Hey boss, can I use Dropbox?


No.

=(


VARONIS BYOS SURVEY RESULTS


of companies currently do not allow cloud-based file synchronization

of companies are satisfied with the controls that cloud-based file sync services have in place

of companies are not satisfied but are going ahead anyway

ACCESS RIGHTS AND AUTHORIZATION


Why not?

worried about maintaining correct access rights and authorization

AUTHENTICATION


Why not?

worried about authentication

AUDITING & DATA LOSS


Why not?

worried about data loss or auditing access activity

FEARED CONSEQUENCES


Downtime Loss of productivity

Compliance violations

Data theft

SO, WILL YOU EVER ALLOW DROPBOX?


No

Yes

IT plans to allow cloud-based file sync

TOO BAD! WE’RE USING THEM ANYWAY

1 in 5 employees

already use

Dropbox for work!

Source: Nasuni http://www6.nasuni.com/shadow-it-2012.html


http://www6.nasuni.com/shadow-it-2012.html

http://www6.nasuni.com/shadow-it-2012.html

Doing nothing means we’ll lose control


WHAT IF…

…you could manage them in the same way you can manage internal resources?


Yes

No

LET’S HAVE OUR CAKE AND EAT IT, TOO

Give users what they want:

Simplicity

Accessibility

Mobile support

Give organizations what they need:

Control

Compliance

Security


How do we do this?


WHAT ARE THE OPTIONS?

Cloud

Internal


To the cloud!

Cloud


DO YOU HAVE AN EXISTING INFRASTRUCTURE?


Existing infrastructure?

Easy!

No Yes

No Yes

CONTROLS IN THE CLOUD

Data stored in the cloud is still subject to

the same risks as internal data

According to the Information

Commissioner’s Office (ICO), you’re still

responsible for your data even if it’s

stored in the cloud


DON’T FORGET TO PACK…

Backup & recovery processes (BCP/DR)

Authorization processes (entitlement

reviews, authorization workflows)

Retention & Disposition

Content inspection

Access auditing

Change management


Extend your existing infrastructure

Internal


DO YOU HAVE AN EXISTING INFRASTRUCTURE?


Existing infrastructure?

This is a whole different presentation

No Yes

WHAT DO WE NEED?

We need to provide client for mobile devices and laptops

We need to provide file sync

We need to authenticate with Active Directory

We need to enforce existing permissions

We need to coexist with all the internal controls we

mentioned before (backup, classification, etc.)

Would be ideal to be able to have everything contained in

our own infrastructure


VARONIS DATANYWHERE

Provide cloud usability using only existing

infrastructure:

There’s a folder

You put stuff in it

It syncs…

With your existing storage (NAS, file

servers)

Using Active Directory credentials

Using your existing file system permissions



STEP 1: LOGIN

Login with your domain credentials (Active

Directory) and/or multi-factor authentication

STEP 2: COLLABORATE

Your sync’d folders appear in explorer

Changes sync to your CIFS serversVARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.

SEE SYNC SPEEDS AND NOTIFICATIONS


MOBILE APPS


RIGHT CLICK FOR INSTANT EXTRA-NET


SECURE COLLABORATION WITH 3RD PARTIES

Set permissions and expiration dates.

Share with partners, customers, vendors, and clients.VARONIS SYSTEMS. PROPRIETARY AND CONFIDENTIAL.

Windows

Mac

Smart

Phone

Tablet

DatAnywhere Client

DN Edge server

Sync Manager

Sync Worker

Sync Worker

DN Edge server

Client authorization

DATANYWHERE ARCHITECTURE

Varonis Systems. Proprietary and confidential.

Windows File

Systems

NAS

MS Active Directory

Sync Manager

CIFSHTTPS

One more thing…


INTEGRATES WITH DATA GOVERNANCE SUITE

Use DatAdvantage to manage permissions

Use DataPrivilege to automate authorization

DatAnywhere activity is recorded by DatAdvantage


SUMMARY

Cloud-style sharing and BYOD may be inevitable

Organizations must choose a direction before

the employees choose one for them

Organizations have a choice between moving

data to the cloud, or extending their existing

infrastructure to provide cloud-style capabilities

in-house

Whichever direction your organization chooses,

governance will be instrumental for secure

collaboration


VARONIS SOLUTIONS

GOVERNANCE

ACCESS

RETENTION

Ensure that only the right people has access to the right data at all times, access is monitored and abuse is flagged.

Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing.

Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework

Thank you


BRING YOUR OWN SERVICE THE EFFECTS OF CLOUD SERVICES ON COMPLIANCE AND DATA PROTECTION VARONIS...

Documents

Transcript of BRING YOUR OWN SERVICE THE EFFECTS OF CLOUD SERVICES ON COMPLIANCE AND DATA PROTECTION VARONIS...