varonis overview data governance & secure file sharing june 5, 2013 presented by: dietrich...

VARONIS OVERVIEWDATA GOVERNANCE & SECURE FILE SHARING

JUNE 5, 2013

Presented By: Dietrich Benjes

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL

ABOUT VARONIS

Founded end of 2004, started operations in 2005

Over 2000 Customers

Over 5000 installations world-wide

Based on patented technology and a highly accurate analytics engine,

Varonis solutions give organizations total visibility and control over their

unstructured data, ensuring that only the right users have access to the

right data at all times from all devices, all use is monitored, and abuse is

flagged.

VARONIS SOLUTIONS

GOVERNANCE

ACCESS

RETENTION

Ensure that only the right people have access to the right data at all times, access is monitored and abuse is flagged.

Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing.

Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework

FAMILIAR QUESTIONS

Who has access to data?

Who should and shouldn't have access to data?

Who uses the data? Is any of it stale?

Who abuses their access?

Who owns data?

What does all this data contain?

Which files contains the information I need?

Which data is sensitive and exposed to risk?

Who collaborates with whom?

Is any data redundant, duplicated, or unneeded?

How can I be sure no one is using public cloud file sync services?

VARONIS USE CASES

Identify and remediate access to sensitive data

Monitor and alert on file access activity

Identify and involve Data owners

Commit changes to production environment

Track changes to file system and directory service objects

Identify and clean-up stale data and inactive resources

Perform automated data retention and migration operations

Provide cloud-like file synchronization/sharing with your own

infrastructure

METADATA FRAMEWORK COMPONENTS

Retention/Storage

Analysis & Modeling

Aggregation & Normalization

File System Meta Data Collection

User Data

Collection

Commit Engine

DatAdvantageDataPrivilege

Windows File

Systems

UNIX/Linux

SharePointMS Active Directory

LDAP NISLocal

Accounts

Content Classification

Presentation

NAS

Access Activity

IDU

Exchange

DatAnywhereData Routing

Network

Product Slides


Permissions Visibility

Usable Audit Trail

Permissions Recommendations &

Modeling

Data Ownership Identification

Data Classification Information*

(with DCF)

© 2012 Varonis Systems. Proprietary and confidential.

Windows Servers

Unix Servers

NAS Devices

SharePoint

Exchange

DATADVANTAGE

Entitlement Reviews

Authorization Workflow

Ethical Walls

Self-Service Portal


DATAPRIVILEGE

DATA TRANSPORT ENGINE

Find data based on metadata

Content, Permissions, Activity, File System info, etc.

Move it or delete it automatically

Scheduled, continual, incremental

Keep the permissions or make them better

Automatically handles cross platform and cross domain

moves

Automatically implements simulations and

recommendations if desired

DATANYWHERE

Provide the cloud experience…

File Synchronization

Mobile device and web access

3rd party collaboration

…without the cloud

All data kept on standard CIFS servers

All permissions enforced

Users authenticate with Active Directory

Product Slides


WHO HAS ACCESS TO ANY DATA SET?

WHAT DATA CAN A USER OR GROUP ACCESS?

WHAT HAS A USER OR GROUP ACCESSED?

WHO DELETED MY FILES?

WHO SHOULDN’T HAVE ACCESS?

COMMIT CHANGES TO ALL PLATFORMS

EARLY RESIGNATION DETECTION

SIMULATE CHANGES

WHAT DATA IS STALE?

AUTOMATICALLY MOVE OR DELETE DATA

WHO OWNS DATA?

AUTOMATE ENTITLEMENT REVIEWS

AUTOMATE AUTHORIZATION PROCESSES

SELF-SERVICE PORTAL


DatAnywhere

• Public cloud file sharing has exploded• As of November 2012, Dropbox claimed to have

more than 100,000,000 customers


CLOUD EXPLOSION

MOBILE & REMOTE ACCESS

But…

1 in 5 employees already

use Dropbox for work!

Source: Nasuni http://www6.nasuni.com/shadow-it-2012.html

Source: BYOS http://www.varonis.com/research

80% of organizations don’t allow cloud based file

sync services

http://www6.nasuni.com/shadow-it-2012.html

http://www6.nasuni.com/shadow-it-2012.html

http://www.varonis.com/research

WHAT’S THE DOWNSIDE?

– More risk• For a 4 hour period in June 2011, Dropbox's

authentication allowed anyone to log in to any account

– More complexity and confusion• Different user database• Different permissions• New processes for backup, archiving, etc.

– Infrastructure is separate and redundant• Where’s the definitive copy?• Different employees using different file

sharing platforms


MOBILE APPS


DATA GOVERNANCE SUITE – Still works!

• Use DatAdvantage to manage permissions• Use DataPrivilege to automate authorization• DatAnywhere activity is recorded by

DatAdvantage


Governance Suite – Real World Example:

Data owners can review DatAnywhere activity just as they would for any normal file share.


Window

s

Mac

Smart

Phone

Tablet

DatAnywhere Client

DN Edge server

Sync Manag

er

Sync Worker

Sync Worker

DN Edge server

Client authorizati

on

DatAnywhere Architecture

Windows File

Systems

UNIX/Linux

NAS

MS Active Directory

Sync Manag

er

CIFS/NFSHTTPS

SAMPLE DEPLOYMENT


Thank youDietrich [email protected] 8041186


mailto:[email protected]

varonis overview data governance & secure file sharing june 5, 2013 presented by: dietrich...

Documents