1 / 21

Eliminating Data Security Threats

Eliminating Data Security Threats. Varonis Systems. Unstructured Data Explosion. PERCENTAGE OF THE DIGITAL UNIVERSE. 2007. 2011. 50%. 40%. 30%. 20%. 10%. 0%. Security-Intense. Compliance-. Preservation-. Intense. Intense. 80% of all data is unstructured or semi-structured.

keefer
Télécharger la présentation

Eliminating Data Security Threats

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Eliminating Data Security Threats Varonis Systems © 2012 Varonis Systems. Proprietary and confidential.

  2. Unstructured Data Explosion PERCENTAGE OF THE DIGITAL UNIVERSE 2007 2011 50% 40% 30% 20% 10% 0% Security-Intense Compliance- Preservation- Intense Intense 80%of all data is unstructured or semi-structured 650%growthover the next 5 years Source: IDC Source: IDC © 2012 Varonis Systems. Proprietary and confidential.

  3. Data Explosion – Are We Ready? • Can IT answer? • Who has access to this folder? • Which folders does this user or group have access to? • Who has been accessing this folder? • Which data is sensitive? • Who is the data owner? • Where is my sensitive data overexposed? • How do I fix it? • Where do I begin? 91%Lack processes for determining data ownership 76%Unable to determine who can access unstructured data MORE + Data + Collaboration + Cross-Functional Teams +Security Requirements = MORE Containers MORE ACLs MORE Management SOURCE: PONEMON INSTITUTE © 2012 Varonis Systems. Proprietary and confidential.

  4. The Asset Class • Assets grow in size, importance, complexity • Different file types • More complete stories © 2012 Varonis Systems. Proprietary and confidential.

  5. Secure Collaboration Maximizes Value Maximum Value Too much access Uncontrolled Collaboration No Access No Collaboration Correct Access No Value Negative Value (Damage)

  6. Trust Data Protection Overview • Verify • Huge amount of data to protect • Goals: • Restrict accessibility to “need to know” • Monitor & Analyze actual access • Limitations of typical environments • Using Metadata Framework Automation © 2012 Varonis Systems. Proprietary and confidential.

  7. Data Protection Flow • Authentication • Users are who they say they are • Authorization • Users have access to only what they need • Audit • See and analyze access, alert on unusual activity © 2012 Varonis Systems. Proprietary and confidential.

  8. Limitations of Today’s Environments • Data is accessible to many users • Access is rarely reviewed • 91% of organizations don’t have a process to identify data owners • 76% of organizations can’t produce a permissions report (Source: Ponemon Institute) • User access is rarely audited • User access is rarely analyzed • Therefore… © 2012 Varonis Systems. Proprietary and confidential.

  9. The Insider Threat is Huge • Recent example: • WikiLeaks • Other examples… © 2012 Varonis Systems. Proprietary and confidential.

  10. Goals: Trust, but Verify © 2012 Varonis Systems. Proprietary and confidential.

  11. Metadata Framework Automation • Four types of metadata are critical: • File System & Permissions Information • User and Group Information • Access Activity • Sensitive Content Indicators • Actionable data governance information: • WHO has access to a data set? • WHO should have access to data set? • WHO has been accessing it? • WHICH data is sensitive? • WHO is the data owner? • WHERE is my sensitive data overexposed, and how do I fix it? • Data owner participation: • Automated Entitlement reviews • Authorization workflows Foundation for Secure Collaboration

  12. Automate Authorization & Access Auditing © 2012 Varonis Systems. Proprietary and confidential.

  13. Permissions - Bi-Directional Visibility Users/Groups… to Users/Groups to Data Data… © 2012 Varonis Systems. Proprietary and confidential.

  14. Audit Trail Search, Sort, and Group © 2012 Varonis Systems. Proprietary and confidential.

  15. Urgent, Actionable Data Exposed Data Sensitive Data • Prioritized list of folders that should be addressed • Top folders that contain a large percentage of sensitive data -AND- • Have excessive/loose permissions © 2012 Varonis Systems. Proprietary and confidential.

  16. Activity Analysis • Most/Least Active Users • Most/Least Active Directories • Anomalous Behavior © 2012 Varonis Systems. Proprietary and confidential.

  17. Data Ownership Identification Active Users © 2012 Varonis Systems. Proprietary and confidential.

  18. Improving Today’s Environments with Automation • Data is accessible to only the right users • Access is reviewed regularly • Owners will be identified based on metadata, assigned, tracked & involved • Permissions reports will be created and sent automatically • User access is audited continuously • User access is analyzed automatically • Data is accessible to many users • Access is rarely reviewed • 91% of organizations don’t have a process to identify data owners • 76% of organizations can’t produce a permissions report (Source: Ponemon Institute) • User access is rarely audited • User access is rarely analyzed • Therefore… © 2012 Varonis Systems. Proprietary and confidential.

  19. Reduced Risk, Better Process © 2012 Varonis Systems. Proprietary and confidential.

  20. Varonis Data Governance Framework Components DatAdvantage DataPrivilege IDU Presentation Analysis & Modeling Commit Changes to File Systems and Directory Services Retention/Storage Aggregation & Normalization File System Meta Data Collection User Data Collection Access Activity Data Content Classification Future Windows File Systems UNIX/ Linux NAS SharePoint Exchange MS Active Directory LDAP NIS Local Accounts The Varonis IDU Framework creates and manages a meta-data layer that enables IT and the business to work together to protect unstructured data © 2012 Varonis Systems. Proprietary and confidential.

  21. Thank You! © 2012 Varonis Systems. Proprietary and confidential.

More Related