varonis overview data governance & secure file sharing june 5, 2013 presented by: dietrich...
Post on 26-Dec-2015
219 Views
Preview:
TRANSCRIPT
VARONIS OVERVIEWDATA GOVERNANCE & SECURE FILE SHARING
JUNE 5, 2013
Presented By: Dietrich Benjes
VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL
ABOUT VARONIS
Founded end of 2004, started operations in 2005
Over 2000 Customers
Over 5000 installations world-wide
Based on patented technology and a highly accurate analytics engine,
Varonis solutions give organizations total visibility and control over their
unstructured data, ensuring that only the right users have access to the
right data at all times from all devices, all use is monitored, and abuse is
flagged.
VARONIS SOLUTIONS
GOVERNANCE
ACCESS
RETENTION
Ensure that only the right people have access to the right data at all times, access is monitored and abuse is flagged.
Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing.
Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework
FAMILIAR QUESTIONS
Who has access to data?
Who should and shouldn't have access to data?
Who uses the data? Is any of it stale?
Who abuses their access?
Who owns data?
What does all this data contain?
Which files contains the information I need?
Which data is sensitive and exposed to risk?
Who collaborates with whom?
Is any data redundant, duplicated, or unneeded?
How can I be sure no one is using public cloud file sync services?
VARONIS USE CASES
Identify and remediate access to sensitive data
Monitor and alert on file access activity
Identify and involve Data owners
Commit changes to production environment
Track changes to file system and directory service objects
Identify and clean-up stale data and inactive resources
Perform automated data retention and migration operations
Provide cloud-like file synchronization/sharing with your own
infrastructure
METADATA FRAMEWORK COMPONENTS
Retention/Storage
Analysis & Modeling
Aggregation & Normalization
File System Meta Data Collection
User Data
Collection
Commit Engine
DatAdvantageDataPrivilege
Windows File
Systems
UNIX/Linux
SharePointMS Active Directory
LDAP NISLocal
Accounts
Content Classification
Presentation
NAS
Access Activity
IDU
Exchange
DatAnywhereData Routing
Network
Product Slides
VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL
Permissions Visibility
Usable Audit Trail
Permissions Recommendations &
Modeling
Data Ownership Identification
Data Classification Information*
(with DCF)
© 2012 Varonis Systems. Proprietary and confidential.
Windows Servers
Unix Servers
NAS Devices
SharePoint
Exchange
DATADVANTAGE
Entitlement Reviews
Authorization Workflow
Ethical Walls
Self-Service Portal
© 2012 Varonis Systems. Proprietary and confidential.
DATAPRIVILEGE
DATA TRANSPORT ENGINE
Find data based on metadata
Content, Permissions, Activity, File System info, etc.
Move it or delete it automatically
Scheduled, continual, incremental
Keep the permissions or make them better
Automatically handles cross platform and cross domain
moves
Automatically implements simulations and
recommendations if desired
DATANYWHERE
Provide the cloud experience…
File Synchronization
Mobile device and web access
3rd party collaboration
…without the cloud
All data kept on standard CIFS servers
All permissions enforced
Users authenticate with Active Directory
Product Slides
VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL
WHO HAS ACCESS TO ANY DATA SET?
WHAT DATA CAN A USER OR GROUP ACCESS?
WHAT HAS A USER OR GROUP ACCESSED?
WHO DELETED MY FILES?
WHO SHOULDN’T HAVE ACCESS?
COMMIT CHANGES TO ALL PLATFORMS
EARLY RESIGNATION DETECTION
SIMULATE CHANGES
WHAT DATA IS STALE?
AUTOMATICALLY MOVE OR DELETE DATA
WHO OWNS DATA?
AUTOMATE ENTITLEMENT REVIEWS
AUTOMATE AUTHORIZATION PROCESSES
SELF-SERVICE PORTAL
VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL
DatAnywhere
• Public cloud file sharing has exploded• As of November 2012, Dropbox claimed to have
more than 100,000,000 customers
© 2012 Varonis Systems. Proprietary and confidential.
CLOUD EXPLOSION
MOBILE & REMOTE ACCESS
But…
1 in 5 employees already
use Dropbox for work!
Source: Nasuni http://www6.nasuni.com/shadow-it-2012.html
Source: BYOS http://www.varonis.com/research
80% of organizations don’t allow cloud based file
sync services
WHAT’S THE DOWNSIDE?
– More risk• For a 4 hour period in June 2011, Dropbox's
authentication allowed anyone to log in to any account
– More complexity and confusion• Different user database• Different permissions• New processes for backup, archiving, etc.
– Infrastructure is separate and redundant• Where’s the definitive copy?• Different employees using different file
sharing platforms
© 2008 Varonis Systems. Proprietary and confidential.
MOBILE APPS
© 2012 Varonis Systems. Proprietary and confidential.
DATA GOVERNANCE SUITE – Still works!
• Use DatAdvantage to manage permissions• Use DataPrivilege to automate authorization• DatAnywhere activity is recorded by
DatAdvantage
Page 32
© 2012 Varonis Systems. Proprietary and confidential.
Governance Suite – Real World Example:
Data owners can review DatAnywhere activity just as they would for any normal file share.
Page 33
© 2012 Varonis Systems. Proprietary and confidential.
Window
s
Mac
Smart
Phone
Tablet
DatAnywhere Client
DN Edge server
Sync Manag
er
Sync Worker
Sync Worker
DN Edge server
Client authorizati
on
DatAnywhere Architecture
Windows File
Systems
UNIX/Linux
NAS
MS Active Directory
Sync Manag
er
CIFS/NFSHTTPS
SAMPLE DEPLOYMENT
© 2012 Varonis Systems. Proprietary and confidential.
Thank youDietrich Benjesdietrich@varonis.com0781 8041186
VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL
top related