Download - DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Eliminating Data Security Threats

Daniel Gutman, Varonis Systems

© 2012 Varonis Systems. Proprietary and confidential.


Data? What data?

650% growth

in the next 5

years!

Unstructured & Semi Structured Data


PERCENTAGE OF THE DIGITAL UNIVERSE

Security-Intense Compliance- Intense

Preservation- Intense

0%

10%

20%

30%

40%

50% 2007 2011

Source: IDC

Can IT answer?

Who has access to this folder?

Which folders does this user or

group have access to?

Who has been accessing this

folder?

Which data is sensitive?

Who is the data owner?

Where is my sensitive data

overexposed?

How do I fix it?

Where do I begin?

Data Explosion – Are We Ready?

91% Lack processes for

determining data

ownership

76% Unable to determine

who can access

unstructured data


+ Data

+ Collaboration

+ Cross-Functional Teams

+ Security Requirements

=

MORE Containers

MORE ACLs

MORE Management

SOURCE:

PONEMON INSTITUTE

MORE

Functional Relationships in 10TB, 1000 Users


Secure Collaboration Maximizes Value

Too much access

Uncontrolled

Collaboration

No Access

No Collaboration

Maximum

Value

Negative Value

(Damage)

Correct Access

Correct Auditng No Value


Survey: 22% reported a data breach

Breached 22%

Not Breached 78%

Data Breaches


Breach has cost


43% of Breaches by “Trusted” Insiders



So, how do we

protect our data?

Data Protection Flow

• Authentication Users are who they say they are

• Authorization Users have access to only what they need

• Auditing Monitor actual access

• Alert On unusual activity


Authentication Authorization Auditing

If we do that…

• Access is controlled

No one gets access to data who shouldn’t

No data is exposed to people that shouldn’t see it

• Access is monitored

No one can access data without it being logged

Logs are inspected (with automation)

• Unusual activity is flagged

Humans can investigate the right things



What might this

look like?

Varonis Metadata Framework

• Four types of metadata are collected, synthesized, processed, and presented:

File System & Permissions Information

User and Group Information

Access Activity

Sensitive Content Indicators

• Actionable data governance information:

WHO has access to a data set?

WHO should have access to data set?

WHO has been accessing it?

WHICH data is sensitive?

WHO is the data owner?

WHERE is my sensitive data overexposed, and how do I fix it?

• Allows data owners to participate in data governance:

Automated Entitlement reviews

Authorization workflows

Foundation for Secure Collaboration

Varonis Data Governance Life Cycle


Identify Sensitive

Folders & Files

Profile Data Use

•All file activity will be monitored by Varonis

Prioritize Based on Content &

Exposure

Data to Business Alignment

•Identify Demarcation Containers

•Identify Data Owners

Remediate Excessive Permissions

•Global Group Access

•Stale Group Memberships

Data Owner Participation

•Review Access

•Examine Activity

•Review Stale Data


Permissions - Bi-Directional Visibility

Data…

Users/Groups…

to Users/Groups to Data


Audit Trail

Search, Sort, and Group

Actionable Data


Sensitive Data Exposed Data • Prioritized list of folders that should be

addressed Top folders that contain a large percentage of sensitive data

-AND-

Have excessive/loose permissions


Activity Analysis

• Most/Least Active Users

• Most/Least Active Directories

• Anomalous Behavior


Data Ownership Identification

Active Users

Reports – Automatic for Owners


Permissions

Activity

Data Owner Involvement

• Entitlement Reviews

• Authorization Workflow

• Self Service Portal

• Automated Rules


Improving Today’s Environments with Automation

• Data is accessible to many users

• Access is rarely reviewed

91% of organizations don’t have a process to identify data owners

76% of organizations can’t produce a permissions report (Source: Ponemon Institute)

• User access is rarely audited

• User access is rarely analyzed

• Unused data is left at-risk


• Data is accessible to only the right users

• Access is reviewed regularly

Owners will be identified based on metadata, assigned, tracked & involved

Permissions reports will be created and sent automatically

• User access is audited continuously

• User access is analyzed automatically

• Unused data is automatically moved or deleted

Varonis: Immediate Operational and

Financial Benefits

Ensuring appropriate access & permissions

Finding lost, moved, copied files

Audit & Analyze Data Use Activity

Permissions Analysis & Testing

Data ownership identification

Storage cost savings

Significant, quantifiable return on investment


Thank You!

Daniel Gutman

[email protected]


IDU Multi-tiered Architecture


Архитектура Varonis IDU


Download - DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Top Related