11 things it should be doing

Download 11 things it should be doing

Post on 22-Aug-2015



Data & Analytics

0 download

Embed Size (px)


  1. 1. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. 11 Things IT Should Be Doing (But Isnt) Presenter:
  2. 2. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL2 Agenda Company Overview Unstructured Data Explosion 11 Things IT Must Do Why are they important? What to look for?
  3. 3. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL4 About Varonis Founded in 2004, started operations in 2005 Over 1800 Customers Over 4500 installations Offices on 6 continents Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their unstructured data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged.
  4. 4. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL5 Varonis Solutions GOVERNANCE ACCESS RETENTION Ensure that only the right people has access to the right data at all times, access is monitored and abuse is flagged. Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing. Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework
  5. 5. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL6 Varonis Products 9 Products in 8 years DatAdvantage for Windows DatAdvantage for UNIX/Linux DatAdvantage for SharePoint DatAdvantage For Exchange DatAdvantage for Directory Services IDU Classification Framework DataPrivilege Data Transport Engine DatAnywhere
  6. 6. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL7 Unstructured Data Explosion
  7. 7. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL8 Data GROWTH Facts (IDC Digital Universe) By 2020 (Source: IDC) Number of servers will grow by 10X Data volume will grow by 14X IT staff will grow by 1.4X Protection 19% is protected 25% needs protection Big Data Analysis < 1% of data is tagged and analyzed 23% would be valuable if tagged Cloud < 25% of data will be stored in the cloud
  8. 8. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL9 Data is the lifeblood of business Data is a business asset that is constantly appreciating Human-created content is extremely rich and valuable Documents, spreadsheets, presentations, audio, video In order to get value, people across many teams need to be able to collaborate and share data But, if the wrong people access data, it can damage the business
  9. 9. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL10 Data Challenges According to recent research: Only 26% of companies are very confident their data is protected 18% werent confident at all 23% of companies are not confident or unsure where their critical business data resides 27% of companies do not monitor any access activity on file servers and SharePoint sites 13% of companies never revoke access to data when an employee leaves the organization 61% do not scan their environment for sensitive data www.varonis.com/research
  10. 10. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL11 Tough Questions Who has access to data? Who should and shouldn't have access to data? Who uses the data? Is any of it stale? Who abuses their access? Who owns data? What does all this data contain? Which data is sensitive and exposed to risk? Is any data redundant, duplicated, or unneeded?
  11. 11. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL12 11 Things IT Should Be Doing (But Isnt)
  12. 12. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL13 11 THINGS IT SHOULD BE DOING 1. Audit Data Access 2. Inventory Permissions 3. Prioritize Data 4. Remove Global Access Groups 5. Identify Data Owners 6. Perform Entitlement Reviews 7. Align Security Groups to Data 8. Audit Permission and Group Changes 9. Lock Down, Delete, or Archive Stale Data 10. Clean Up Legacy Groups and Artifacts 11. Get Control of Public Cloud Services
  13. 13. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL14 1. AUDIT DATA ACCESS - IMPORTANCE An Audit trail is necessary to answer key questions: Who uses which files & folders? Who owns them? Who isnt using data? How can access controls be tightened? What data is not being accessed at all? What can we archive? Common IT Questions: Who deleted my files? Common Security Questions: What did this person access?
  14. 14. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL15 Audit trail: What to look for Non-Intrusive Complete Normalized Searchable, Sortable
  15. 15. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL16 2. PERMISSIONS INVENTORY IMPORTANCE Permissions are how we manage access They are on every type of container Folders, SharePoint objects, Mailboxes, etc. Without a map of permissions, we cant answer: Who has access to which files, folders, etc. What data a user or group has access to Where permissions are misconfigured, too loose
  16. 16. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL17 Permissions Inventory: What to look for Non-Intrusive Correlate Users & Groups Bi-Directional Complete, Pre-Collected
  17. 17. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL18 3. PRIORITIZING DATA IMPORTANCE Most organizations have many Terabytes of unstructured data Thousands of folders need remediation Global access Large Groups It makes sense to prioritize remediation efforts on important data Key Questions: What should I remediate right now?
  18. 18. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL19 Prioritizing Data: What to Look For
  19. 19. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL20 Prioritizing Data: What to Look For Sensitive Data Exposed Data Prioritized list of folders that should be addressed Lots of sensitive data -AND- Excessive/loose permissions
  20. 20. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL21 4. CLEAN UP GLOBAL ACCESS IMPORTANCE Data Open to the entire organization Open Shares Everyone, Authenticated Users, Users Key Question: How do we lock down exposed data safely?
  21. 21. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL22 What to Look For: Global Access Change Modeling Change Execution
  22. 22. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL23 5. IDENTIFYING OWNERS IMPORTANCE Data is an asset who decides? Who should be allowed to access it What use is appropriate That person needs to be defined Probably shouldnt be IT Common responses: We have owners for groups (well get to that) Managers decide who should have access (inefficient and ineffective)
  23. 23. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL24 Ownership: What to look for Easy identification of: Folders that need owners Ownership candidates Owner assignment and tracking
  24. 24. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL25 6. ENTITLEMENT REVIEWS IMPORTANCE Access Control Needs Change People change jobs, roles Teams form and dissipate Key Question How can we make entitlement reviews more efficient and effective?
  25. 25. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL26 Entitlement Reviews: What to Look For Intelligence Automated Delivery Execution
  26. 26. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL27 For unstructured data, a critical link has been lost: Which groups grant access to which resources? 7. ALIGN GROUPS TO DATA IMPORTANCE UNKNOWN
  27. 27. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL28 Permissions Map Simulation Capabilities Unused, Empty Groups GROUPS TO DATA: WHAT TO LOOK FOR
  28. 28. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL29 8. AUDIT ACCESS CHANGES IMPORTANCE Now that weve fixed everything, we need to keep it that way. Access Control Lists Group Membership Changes must be approved by owners
  30. 30. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL31 9. Identify Stale Data Importance 40-60% of data is likely stale and can be archived without impacting business activity Active Stale How much are you spending on storage? How much data is unnecessarily accessible?
  31. 31. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL32 Stale Data: What to Look For Uses real activity Reportable Automated archiving
  32. 32. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL33 10. CLEAN UP IMPORTANCE Complexity breeds mistakes Artifacts Impact Performance
  33. 33. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL34 CLEAN UP: WHAT TO LOOK FOR Orphaned SIDS Individual ACEs Disabled Users Looped Nested Groups Empty Security Groups
  34. 34. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL35 11. Control public cloud services - Importance Unapproved public cloud services Risk Does the organization even know about data stored there? Who grants/revokes access? Where is the data stored? Security controls are they available? IT Overhead Users/Group management? Permissions management? Facts 80% of organizations dont allow cloud based file sync services But 1 in 5 employees already use Dropbox for work! 78% would like to offer these services if they could offer them using their existing infrastructure*. Source: Nasuni http://www6.nasuni.com/shadow-it-2012.html Source: BYOS http://www.varonis.com/research
  35. 35. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL36 Approved Alternative what to look for Can leverages data-in-place Can leverage existing Permissions and Security Has External collaboration capabilities Has Desktop, web and mobile app access
  36. 36. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL37 11 THINGS IT SHOULD BE DOING 1. Audit Data Access 2. Inventory Permissions 3. Prioritize Data 4. Remove Global Access Groups 5. Identify Data Owners 6. Perform Entitlement Reviews 7. Align Security Groups to Data 8. Audit Permission and Group Changes 9. Lock Down, Delete, or Archive Stale Data 10. Clean Up Legacy Groups and Artifacts 11. Get Control of Public Cloud services
  37. 37. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL38 Efficiency AND Risk Reduction Access Provisioning 20 minutes 1 minute Permissions Report 30 minutes 1 minute Identify Data Owner 4 hours 20 minutes Remediate Global Group 6 hours 10 minutes Entitlement Review 30 minutes 2 minutes
  38. 38. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL39 SECURE COLLABORATION Too much access Uncontrolled Collaboration No Access No Collaboration Maximum Value Negative Value (Damage) Correct Access No Value
  39. 39. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL40 SECURE COLLABORATION Trust Access is restricted Data owners identified Owners Review Access Verify Access Audited Usage analyzed Less will arrive at endpoints Data assets need the same controls as financial assets: Only the right people have access Access is continually maintained Use is monitored Abuse is observed and controlled
  41. 41. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Thank you Sign up for a FREE Evaluation