VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. 20 Feb, 2014 Dietrich Benjes – VP UK, Ireland & Middle East DATA SECURITY & DATA MANAGEMENT WHAT YOU NEED TO KNOW
Transcript
1. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission
is to help enterprises realize value from their unstructured data.
20 Feb, 2014 Dietrich Benjes VP UK, Ireland & Middle East DATA
SECURITY & DATA MANAGEMENT WHAT YOU NEED TO KNOW
2. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL2 Started
operations in 2005 Headquartered in NYC 10 Products Over 2500
customers Solutions for Human Generated Data About Varonis
3. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL3 What do you
know about your organisations data?
4. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL4 Where is
it? Who has access to it? Who is accessing it? The most / least?
How is the business using it? Whats important / sensitive /
classified / internal / public? What makes it the above? Where is
that data overexposed? Whats stale / past the retention period?
Whats being collaborated on and how can that be done effectively
and securely? Etc.. What do you know about your data?
5. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL5 What is
Human-Generated Data? UNSTRUCTURED HUMAN-GENERATED DATA
UNSTRUCTURED MACHINE-GENERATED DATA STRUCTURED BUSINESS
APPLICATIONS DATA Emails Word Files Spreadsheets Presentations PDF
Files Time Series Data (No Pre-defined Schema) Generated by All IT
Systems; Highly-Diverse Formats Massive Volumes Relational
Databases Financial Records Math Data Multi-dimensional Data
Monthly Reporting Data (Pre-Defined Schema) Image, Audio, and Video
Files Generated by every employee in every organization Massive
volumes Focus of Varonis solutions
6. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL6 Data Growth
Source: IDC Digital Universe By 2020, Data Centers Will Manage: 14x
Data 10x Servers 1.5x IT Staff With
7. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL7 Challenge
and Opportunity Only 0.5% of the digital universe is analyzed
Opportunity to extract more value through tagging and analysis
Enterprises are responsible for protecting 80% of all data Source:
IDC Digital Universe
8. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL8 Big
Metadata Content Information knowing which files contain sensitive
and important information Access Activity knowing which users do
access what data, when and what theyve done User and Group
Information from Active Directory, LDAP, NIS, SharePoint, etc.
Permissions Information knowing who can access what data users and
groups users and groups users and groups permissions classification
classification activity activity permissions permissions users and
groups users and groups permissionsusers and groups users and
groups permissions classification activity activity permissions
classificationpermissions activity permissions classification
classification activity users and groups [classification]
[activity] Metadata
9. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL9 VARONIS
SYSTEMS. PROPRIETARY & CONFIDENTIAL9 Intelligence:
Human-Generated Big Data VISUALIZE DATA AND ACCESS ACTIVITY TRENDS
& DATA GROWTH RESIGNATION, HACKER, VIRUS IDENTIFY STALE DATA
UNNEEDED ACCESS DATA OWNER IDENTIFICATION EXPOSED, SENSITIVE DATA
010011 BUSINESS EXECUTIVES BUSINESS DATA OWNERS IT SECURITY
COMPLIANCE IT STORAGE IT OPERATIONS CONSUMERS FILE SYSTEM &
PERMISSIONS DIRECTORY SERVICE OBJECTS ACTIVITY CONTENT INPUTS:
METADATA BUSINESS & IT INSIGHTS
10. Why is this a Big Data Problem?
11. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL11 Why Is
This A Big Data Problem? 1 Terabyte: 1 million files 50,000+
folders 2500 unique access control lists 1 Access control list:
Lists 4 groups 1 Group: 15 members 150,000 functional relationships
in 1 TB of data! Thats before considering activity and content
12. What Might a Solution Look Like?
13. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL14 Who Has
Access to Any Data Set?
14. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL15 What Data
Can a User or Group Access?
15. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL16 Easy Data
Classification
16. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL17 What Has
a User or Group Accessed?
17. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL18 Who
Deleted My Files?
18. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL19 Get
Alerted in Real Time
19. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL20 Who
Shouldnt Have Access?
29. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL30
DatAnywhere: Your Own Private Cloud
30. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL31 Case
Study: Philip Morris International What we have now is
unprecedented visibility into who has access to which information.
Jan Billiet Dir. Security & Risk Management Philip Morris
International Problem BenefitsSolution Could not visualize access
to critical data No visibility into collaboration workflows Low
productivity when fulfilling audit requirements Instrumented file
share and SharePoint environment Automated map of data, users,
groups, and access controls Automated ownership identification and
involvement Global visibility of Active Directory, File server and
SharePoint Quantified access control challenges Drives Active
Directory and file server management best practices
31. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL32 Case
Study: BNP Paribas Problem BenefitsSolution The project has enabled
us to ensure data is either allocated to an owner or archived so we
only store what we need to store. Stuart Lincoln Vice President
ITP&L Client Services BNP Paribas No uniform access control
policy in place Data was potentially at risk Data use was
unmonitored Instrumented windows and UNIX file shares Complete map
of access, all access activity monitored Self service portal for
data owners Significant risk reduction enforced least privilege
model Capital expenditure savings through stale data identification
Compliance inquiries answered in minutes without ITs help
32. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL33 Case
Study: ALSTOM Problem BenefitsSolution Needed to make sure critical
data was only accessible to correct people Managing access control:
most time-consuming & inaccurate activity in data center,
consuming 4 full time employees Wanted to make users more
productive with mobile devices/BYOD Instrumented file share
environment, mapped access, assigned owners Automated access
control management Extended file share capabilities with file sync
and mobile device support Reallocated 4 full time employees to more
productive tasks Reduced risk, increased accountability for data
management Increased productivity & collaboration using
existing infrastructure "Varonis positively affected end user
productivity, IT operational efficiency, and our bottom line.
Raphael Viard Corriveau VP IT Engineering and Security, Alstom
33. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL34 Reducing
Risk, Complexity, and Cost RISK 30+% of data can be archived 60+%
of infrastructure is not utilized effectively COMPLEXITY COST 50+%
of access is unwarranted 70+% of infrastructure is unmonitored
Rationalize domain structure, access control entities, and
supporting business processes Varonis DatAdvantage gave us the
visibility and recommendations to limit user-to- data access by
business function and need. Now, my team is able to audit the use
of any data set or group for our compliance initiatives. James
Nelson, IT Security Manager, Juniper Networks
34. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL35
Increasing Productivity and Functionality ACCESSIBILITY Extends
functionality of existing investments in infrastructure OPERATIONAL
EFFICIENCY FUNCTIONALITY File synchronization and mobile access
make collaboration more immediate 10-40x Efficiency gains for daily
data management and protection tasks A process that previously took
five or six days now takes just a few hours... were able to produce
reports that werent possible previously, Thibaud Desforges, Tool
and Processing Manager, GDF Suez
35. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL36
Operational Overview Enable Audit Trail Inventory Permissions
Profile Data Use & Authorization Structure Classify and Tag
Sensitive, High Profile DataIdentify Critical Data Global Access
Groups Excessive Group Membership Reduce Excess Access Perform
Entitlement Reviews Formalize and Enforce Existing Processes
Identify Key Users & Owners Authorization Recertification
Handling Policies for Sensitive Data Define & Implement DG
Policies Risk
36. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL37 IMAGE,
AUDIO and VIDEO FILES EMAILS PDF FILESWORDFILES
PRESENTATIONSSPREADSHEETS Our mission is to help enterprises
realize value from their human-generated data
37. VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Thank You
Dietrich Benjes [email protected] Twitter: @dietrichbenjes