© 2011 Varonis Systems. Proprietary and confidential.© 2011 Varonis Systems. Proprietary and confidential.

Sandro Huber

CIO

FreeDivision

© 2011 Varonis Systems. Proprietary and confidential.© 2011 Varonis Systems. Proprietary and confidential.

Unstructured Data Explosion

© 2011 Varonis Systems. Proprietary and confidential.

80%of all data is

unstructured or semi-structured

650%growth over

the next 5 years

Source: Gartner

Can IT answer?

Who has access to this folder?

Which folders does this user or

group have access to?

Who has been accessing this

folder?

Which data is sensitive?

Who is the data owner?

Where is my sensitive data

overexposed?

How do I fix it?

Where do I begin?

Data Explosion – Are We Ready?

91%Lack processes for

determining data

ownership

76%Unable to determine

who can access

unstructured data

© 2011 Varonis Systems. Proprietary and confidential.

Page 4

+ Data

+ Collaboration

+ Cross-Functional Teams

+ Security Requirements

=

MORE Containers

MORE ACLs

MORE Management

SOURCE:

PONEMON INSTITUTE

MORE

© 2011 Varonis Systems. Proprietary and confidential.

DatAdvantage Overview

• Permissions Visibility

• Usable Audit Trail

• Permissions Recommendations & Modeling

• Data Ownership Identification

• Data Classification Information*(with DCF)

Windows Servers

Unix Servers

NAS Devices

SharePoint

Exchange

Permissions - Bi-Directional Visibility

© 2011 Varonis Systems. Proprietary and confidential.

Data…

Users/Groups…

to Users/Groupsto Data

Exchange- Bi-Directional Visibility

© 2011 Varonis Systems. Proprietary and confidential.

Data…

Users/Groups…

to Users/Groups

to Data

Unix Visibility

© 2011 Varonis Systems. Proprietary and confidential.

POSIX ACL’s

Identify Risk – Over-exposed Sensitive Data

© 2011 Varonis Systems. Proprietary and confidential.

Audit Trail

© 2011 Varonis Systems. Proprietary and confidential.

Search, Sort, and Group

Audit Trail with Data Classification

© 2011 Varonis Systems. Proprietary and confidential.

Audit Trail with Exchange

© 2011 Varonis Systems. Proprietary and confidential.

Page 12

Recommendations

© 2011 Varonis Systems. Proprietary and confidential.

Excess Permissions?

By User

What if?

Permissions Clean-up

© 2011 Varonis Systems. Proprietary and confidential.

Simulate ChangesView Outcome

Activity Analysis

© 2011 Varonis Systems. Proprietary and confidential.

• Most/Least Active Users

• Most/Least Active Directories

• Anomalous Behavior

Data Ownership Identification

© 2011 Varonis Systems. Proprietary and confidential.

Active Users

Data Ownership Assignment

© 2011 Varonis Systems. Proprietary and confidential.

Right-click

Set Ownership

Reports – Automatic Data Owner Involvement

© 2011 Varonis Systems. Proprietary and confidential.

Permissions

Activity

Go to DataPrivilege Demo

DataPrivilege Overview

• Entitlement Reviews

• Authorization Workflow

• Self Service Portal

• Ethical Walls

© 2011 Varonis Systems. Proprietary and confidential.

Page 19

DataPrivilege – Automated Entitlement Reviews

© 2011 Varonis Systems. Proprietary and confidential.

• Approve or Overrule:

Changes

DA Recommendations

• Report

DataPrivilege – Authorization Workflow

© 2011 Varonis Systems. Proprietary and confidential.

• Expiration Date

• Audit Trail

• Report

Complete Self Service Governance Portal

© 2011 Varonis Systems. Proprietary and confidential.

Page 22

Permissions

Log

Statistics

Risks, Controls & Regulations

© 2011 Varonis Systems. Proprietary and confidential.

Page 23

• File System data is at great risk for loss, theft, and misuse

• Access configuration changes are untested

High Risk Levels

• Many access controls are “loose,” even broken

• No audit trail exists

• More than half of data has no known business owner

File System Control Gaps

• HIPAA

• PCI-DSS

• Sarbanes Oxley

Regulatory Requirements

Management Challenges

© 2011 Varonis Systems

Page 24

1 TB of Data 2500 Unique FoldersManagement

Challenges

Access Control

How do we grant

access?

Revoke it?

Data Ownership

Which folders need

owners?

How do we identify the owners?

Global Access

How many folders are

open?

How do we remediate?

Sensitive Content

Which data is sensitive?

How do we manage it?

For every unique folder…

Your Data in 5 Years

© 2011 Varonis Systems. Proprietary and confidential.

Page 25

0

5

10

15

20

25

30

1

2

3

4

5

5 811

17

TB

of D

ata

Unstructured data is growing at 50% per year…

If you have 5TB today…

…in five years you’ll have

25TB!

25

Containers and Permissions

© 2011 Varonis Systems. Proprietary and confidential.

Page 26

A single terabyte of data contains folders

terabyte

of which are unique and need to be managed

= folders = unique

Your Permissions in 5 Years

© 2011 Varonis Systems. Proprietary and confidential.

Page 27

0

20000

40000

60000

80000

1

2

3

4

5

Un

iqu

e F

old

ers

As the data grows, so

grows the complexity

If you have 15,000 folders today…

…in five years you’ll

have over

Storage Savings

© 2011 Varonis Systems

Page 28

With 10 terabytes of data, 4-6 TB is likely

stale and can be archived without

impacting business activity

Active

Stale

How much are you spending on storage?

Storage Savings

© 2011 Varonis Systems

Page 29

User ActivityStale Data

IdentificationStorage Savings

$By analyzing actual user activity, Varonis

can identify stale data which can be

archived to less-expensive storage.

Varonis Customers

© 2011 Varonis Systems. Proprietary and confidential.

Over 900 Customers & 3500 Installations…and growing!

© 2011 Varonis Systems. Proprietary and confidential.© 2011 Varonis Systems. Proprietary and confidential.

Sandro Huber

D ě k u j e m e z a p o z o r n o s t