Your SlideShare is downloading. ×
Eliminating Data Security Threats
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Eliminating Data Security Threats

316
views

Published on

The Varonis Data Governance suite helps organizations manage and protect their unstructured and semi structured data—the documents, spreadsheets, presentations, media files and other business data in …

The Varonis Data Governance suite helps organizations manage and protect their unstructured and semi structured data—the documents, spreadsheets, presentations, media files and other business data in file servers, NAS devices, SharePoint and Exchange.

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
316
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
19
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • When it comes to all this unstructured data – are we ready to manage it?It’s not just that the files are growing so fast, it’s also that there is much more collaboration. Cross-functional teams are being created and destroyed. Teams are working remotely. All of this means that from a data security perspective there are more containers (folders, mailboxes, SharePoint sites). Each one of those containers has an ACL and each ACL represents a management decision.91% of us have to way to figure out who a data owner is. Pick a folder at random – who owns it? Do you have a process in place to figure this out?76% of us can’t even figure out who can access structured data. Pick a random folder – who can access it?It’s becoming harder and harder for IT to answer fundamental and critical questions about all this data.
  • In a recent Forrester survey, 22% of security decision-makers reported a data breach in the past twelve months.Source: Forrester, Forrsights Security Survey, Q3 2010
  • And at an average cost of $7.2 million per breach, it’s no shock that organizations are constantly working to strengthen their defenses.IT and security professionals are in a perpetual arms race with attackers. Packet sniffers, firewalls, virus scanners, and spam filters are doing a good job securing the borders, but what about insider threats?
  • The data has access because we can actually use and share them. But we have to collaborate securely to get the most value out of it.If you took away all access—if you unplug the network cables—you’d have no collaboration and the assets would have any value. It’d be like a dollar in your pocket that you couldn’t spend.At the other end of the spectrum, if we have too much access, to much uncontrolled collaboration the data could actually have negative value in terms of the reputational and financial damage that you could sustain by having your confidential data on the front page of WikiLeaks.The goal is to get the right amount of collaboration—give only the right people access to the right data—then we can get the maximum value from these assets.
  • Here are the levels of data protection:Authentication – proving you are who you say you are. Logging into the network. Maybe you have two-factor authentication with an RSA key or a fingerprint device. We’re pretty good at this.Authorization – once we know who you are – what are you authorized to see and do? This is access control. If you have a group on an folder’s ACL, this is who is in that group. There are lots of folders and SharePoint sites in the world that have global access groups like the Everyone group or Authenticated users because, well, it’s easy. This is a big, big problem.Auditing – we need to see and analyze access to make sure that the authentication and authorization we’ve put in place is working. We have to be able to monitor what users are doing, baseline normal activity, and alert on anomalous activity.
  • Remember those PonemonInstitue figures?Access is rarely reviewed76% of organizations can’t produce a permissions report (Source: Ponemon Institute)Organizations aren’t sure who should be reviewing data assets91% of organizations don’t have a process to identify data ownersData is accessible to many (authenticated) usersMore than 50% of the data a user can access is not needed by that user
  • Data classification only finds important data – it doesn’t give you context, like tell you who is responsible for that data, who has and should have access to it, and what folks are doing with it. This is the problem many DLP vendors run into.We were working with aneducational institution of about 15,000 users this year and they had just implemented data classification through a DLP tool. The scan took a fair amount of time, and at the end they’d identified 193,000 some-odd violations, or instances of a file containing possibly sensitive information. What the CISO told me was, “Yesterday I had one problem: where’s the sensitive data. Today I have 193,000 problems.”Which should be higher on your triage list for access control cleanup, a folder that contains 40 credit card numbers open to 20 people that nobody ever touches, or a folder open to the Everyone group with 300 credit card numbers that’s being constantly accessed?
  • We need actionable data. We talked a lot about sensitive data, we talked about overexposed data. The intersection of these two things is our top priority – where is my sensitive data concentrated AND overexposed.This is one of the very first reports we run after installing our product on a customers environment. Show me where someone took a spreadsheet full of credit card numbers and stuck it in a SharePoint site that was open to authenticated users.
  • Explain our methodology: bi-directional cluster analysis.And how modeling can prevent mistakes.-- should this slide have numbers next to the text (1 in front of “recommendations” 2 in front of “Click” 3 in front of “Everything”?
  • Let’s recap.(run through)Now, we can get down to the least privilege model.We can review access because we know the owners, we can generate permission reports send them to their inbox and make it easy to reduce risk.We can record what people are doing.And we can analyze access data and make intelligent business decisions.
  • Transcript

    • 1. ELIMINATING DATA SECURITY THREATS Presented by: Rob Sobers Director of Inbound Marketing Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 2. ABOUT VARONIS Founded end of 2004, started operations in 2005 Over 2000 Customers Over 5000 installations world-wide Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their human generated data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged. Sign up for a free evaluation
    • 3. Data? What data? Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 4. 4 BIG DATA TRENDS By 2020, data centers will manage: 14x Data 10x Servers with 1.5x IT Staff Source: IDC Digital Universe Organizations are responsible for protecting 80% of all data Opportunity to extract more value through tagging & analysis (Big Data) Organizations Individuals Could be is Tagged is Analyzed 2012 2020 Data Servers IT Staff
    • 5. Can IT answer?  Who has access to this folder?  Which folders does this user or group have access to?  Who has been accessing this folder?  Which data is sensitive?  Who is the data owner?  Where is my sensitive data overexposed?  How do I fix it?  Where do I begin? DATA EXPLOSION – ARE WE READY? 91% Lack processes for determining data ownership 76% Unable to determine who can access unstructured data Varonis Systems. Proprietary and confidential. + Data + Collaboration + Cross-Functional Teams + Security Requirements = MORE Containers MORE ACLs MORE Management SOURCE: PONEMON INSTITUTE MORE Sign up for a free evaluation
    • 6. SECURITY, COMPLIANCE AND RETENTION 80% of organizations store data that doesn’t belong to them, but… Only 34% are very confident they know where 3rd party data is stored Only 22% have owners for all data Only 37% regularly revoke access Only 19% monitor all access activity 75% have difficulty finding stale, unneeded data Source: State of Data Protection http://www.varonis.com/research Source: Data on the Move http://www.varonis.com/research
    • 7. SURVEY: 22% REPORTED A DATA BREACH Breached 22% Not Breached 78% Data Breaches Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 8. $7.2 MILLION PER BREACH Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 9. SECURE COLLABORATION MAXIMIZES VALUE Varonis Systems. Proprietary and confidential. Too much access Uncontrolled Collaboration No Access No Collaboration Maximum Value Negative Value (Damage) Correct Access Correct Auditing No Value Sign up for a free evaluation
    • 10. So, how do we protect our data? Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 11. DATA PROTECTION FLOW Authentication Users are who they say they are Authorization Users have access to only what they need Auditing Monitor actual access Alert On unusual activity Varonis Systems. Proprietary and confidential. Authentication Authorization Auditing Sign up for a free evaluation
    • 12. IF WE DO THAT… Access is controlled No one gets access to data who shouldn’t No data is exposed to people that shouldn’t see it Access is monitored No one can access data without it being logged Logs are inspected (with automation) Unusual activity is flagged Humans can investigate the right things Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 13. What might this look like? Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 14. PERMISSIONS - BI-DIRECTIONAL VISIBILITY Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 15. AUDIT TRAIL Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 16. QUOTE FROM A CSO ON DLP “Yesterday I had one problem: where’s my sensitive data? Today I have 193,000 problems.” Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 17. ACTIONABLE DATA Varonis Systems. Proprietary and confidential. Sensitive Data Exposed DataPrioritized list of folders that should be addressed Top folders that contain a large percentage of sensitive data -AND- Have excessive/loose permissions Sign up for a free evaluation
    • 18. ACTIVITY ANALYSIS Varonis Systems. Proprietary and confidential. • Most/Least Active Users • Most/Least Active Directories • Anomalous Behavior Sign up for a free evaluation
    • 19. RECOMMENDATIONS AND MODELING Varonis Systems. Proprietary and confidential. Sign up for a free evaluation
    • 20. DATA OWNERSHIP IDENTIFICATION Varonis Systems. Proprietary and confidential. Active Users Sign up for a free evaluation
    • 21. REPORTS – AUTOMATIC FOR OWNERS Varonis Systems. Proprietary and confidential. Permissions Activity Sign up for a free evaluation
    • 22. IMPROVING DATA SECURITY WITH AUTOMATION Data is accessible to only the right users Access is reviewed regularly Owners will be identified based on metadata, assigned, tracked & involved Permissions reports will be created and sent automatically User access is audited continuously User access is analyzed automatically Unused data is automatically moved or deleted Varonis Systems. Proprietary and confidential. Sign up for a free evaluation

    ×