DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Eliminating Data Security Threats
Daniel Gutman, Varonis Systems

© 2012 Varonis Systems. Proprietary and confidential.

Data? What data?


Unstructured & Semi Structured Data

PERCENTAGE OF THE DIGITAL UNIVERSE
2007 2011
50%

40%

30%

20%

10%

650% growth
0%
Security-Intense Compliance-
Intense
in the next 5
Preservation-
Intense

Source: IDC
years!

Data Explosion – Are We Ready?

MORE 91% Can IT answer?
 Who has access to this folder?
+ Data
+ Collaboration Lack processes for  Which folders does this user or
+ Cross-Functional Teams determining data group have access to?
+ Security Requirements ownership  Who has been accessing this
=
folder?
MORE Containers
MORE ACLs 76%  Which data is sensitive?
 Who is the data owner?
MORE Management
Unable to determine  Where is my sensitive data

who can access overexposed?
 How do I fix it?
unstructured data
 Where do I begin?

SOURCE:
PONEMON INSTITUTE
Page 4


Functional Relationships in 10TB, 1000 Users

Page 5


Secure Collaboration Maximizes Value

Maximum
Value

Too much access
No Access Uncontrolled
No Collaboration Correct Access Collaboration
Correct Auditng
No Value

Negative Value
(Damage)


Survey: 22% reported a data breach

Data Breaches

Breached
22%

Not Breached
78%


Breach has cost


43% of Breaches by “Trusted” Insiders


So, how do we
protect our data?


Data Protection Flow

Authentication Authorization Auditing

• Authentication
Users are who they say they are
• Authorization
Users have access to only what they need
• Auditing
Monitor actual access
• Alert
On unusual activity

Page 11


If we do that…

• Access is controlled
No one gets access to data who shouldn’t
No data is exposed to people that shouldn’t see it
• Access is monitored
No one can access data without it being logged
Logs are inspected (with automation)
• Unusual activity is flagged
Humans can investigate the right things

Page 12


What might this
look like?


Varonis Metadata Framework
• Four types of metadata are collected, synthesized, processed, and
presented:
File System & Permissions Information
User and Group Information
Access Activity
Sensitive Content Indicators
• Actionable data governance information:
WHO has access to a data set?
WHO should have access to data set?
WHO has been accessing it?
WHICH data is sensitive?
WHO is the data owner?
WHERE is my sensitive data overexposed, and how do I fix it?
• Allows data owners to participate in data governance:
Automated Entitlement reviews
Authorization workflows
Foundation for Secure Collaboration
Page 14

Varonis Data Governance Life Cycle
Data Owner
Participation Identify
•Review Access Sensitive
•Examine Activity Folders & Files
•Review Stale Data

Remediate Excessive
Permissions Profile Data Use
•All file activity will be monitored by
•Global Group Access Varonis
•Stale Group Memberships

Data to Business Alignment Prioritize Based
•Identify Demarcation Containers on Content &
•Identify Data Owners Exposure


Permissions - Bi-Directional Visibility

Users/Groups…

to Users/Groups
to Data
Data…


Audit Trail

Search, Sort, and Group


Actionable Data

• Prioritized list of folders that should be
Sensitive Dataaddressed
Exposed Data
Top folders that contain a large percentage of
sensitive data
-AND-
Have excessive/loose permissions
Page 18


Activity Analysis

• Most/Least Active Users
• Most/Least Active Directories
• Anomalous Behavior


Data Ownership Identification

Active Users


Reports – Automatic for Owners

Activity

Permissions


Data Owner Involvement

• Entitlement
Reviews
• Authorization
Workflow
• Self Service
Portal
• Automated
Rules

Page 22


Improving Today’s Environments with Automation

• Data is accessible to manythe right users
accessible to only users
• Access is rarely reviewed
reviewed regularly
Owners will be identified based a metadata, assigned,
91% of organizations don’t haveonprocess to identify data
tracked
owners & involved
Permissions reports will be created a permissions report
76% of organizations can’t produce and sent automatically
(Source: Ponemon Institute)
• User access is audited continuously
• User access is rarely audited
• User access is analyzed automatically
• User access is rarely analyzed
• Unused data is automatically moved or deleted
• Unused data is left at-risk

Page 23


Varonis: Immediate Operational and
Financial Benefits
Ensuring appropriate access & permissions

Finding lost, moved, copied files

Audit & Analyze Data Use Activity

Permissions Analysis & Testing

Data ownership identification

Storage cost savings
Significant, quantifiable return on investment
Page 24


Thank You!
Daniel Gutman
daniel@varonis.com
Page 25


IDU Multi-tiered Architecture

Page 26


Архитектура Varonis IDU

Page 27


DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Similaire à DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats (20)

Plus de Andris Soroka

Plus de Andris Soroka (20)

Dernier

Dernier (20)

DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats