SlideShare a Scribd company logo

DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Andris Soroka
Andris Soroka

Risks related to total visibility and control over their data (unstructued and semi-structured), ensuring that only the right users have access to the right data at all times

1 of 27
Download to read offline
Eliminating Data Security Threats Daniel Gutman, Varonis Systems © 2012 Varonis Systems. Proprietary and confidential.
Data? What data? © 2012 Varonis Systems. Proprietary and confidential.
Unstructured & Semi Structured Data PERCENTAGE OF THE DIGITAL UNIVERSE 2007 2011 50% 40% 30% 20% 10% 650% growth 0% Security-Intense Compliance- Intense in the next 5 Preservation- Intense Source: IDC years! © 2012 Varonis Systems. Proprietary and confidential.
Data Explosion – Are We Ready? MORE 91% Can IT answer?  Who has access to this folder? + Data + Collaboration Lack processes for  Which folders does this user or + Cross-Functional Teams determining data group have access to? + Security Requirements ownership  Who has been accessing this = folder? MORE Containers MORE ACLs 76%  Which data is sensitive?  Who is the data owner? MORE Management Unable to determine  Where is my sensitive data who can access overexposed?  How do I fix it? unstructured data  Where do I begin? SOURCE: PONEMON INSTITUTE Page 4 © 2012 Varonis Systems. Proprietary and confidential.
Functional Relationships in 10TB, 1000 Users Page 5 © 2010 Varonis Systems. Proprietary and confidential.
Secure Collaboration Maximizes Value Maximum Value Too much access No Access Uncontrolled No Collaboration Correct Access Collaboration Correct Auditng No Value Negative Value (Damage) © 2012 Varonis Systems. Proprietary and confidential.
Survey: 22% reported a data breach Data Breaches Breached 22% Not Breached 78% © 2012 Varonis Systems. Proprietary and confidential.
Breach has cost © 2012 Varonis Systems. Proprietary and confidential.
43% of Breaches by “Trusted” Insiders © 2012 Varonis Systems. Proprietary and confidential.
So, how do we protect our data? © 2012 Varonis Systems. Proprietary and confidential.
Data Protection Flow Authentication Authorization Auditing • Authentication Users are who they say they are • Authorization Users have access to only what they need • Auditing Monitor actual access • Alert On unusual activity Page 11 © 2012 Varonis Systems. Proprietary and confidential.
If we do that… • Access is controlled No one gets access to data who shouldn’t No data is exposed to people that shouldn’t see it • Access is monitored No one can access data without it being logged Logs are inspected (with automation) • Unusual activity is flagged Humans can investigate the right things Page 12 © 2012 Varonis Systems. Proprietary and confidential.
What might this look like? © 2012 Varonis Systems. Proprietary and confidential.
Varonis Metadata Framework • Four types of metadata are collected, synthesized, processed, and presented: File System & Permissions Information User and Group Information Access Activity Sensitive Content Indicators • Actionable data governance information: WHO has access to a data set? WHO should have access to data set? WHO has been accessing it? WHICH data is sensitive? WHO is the data owner? WHERE is my sensitive data overexposed, and how do I fix it? • Allows data owners to participate in data governance: Automated Entitlement reviews Authorization workflows Foundation for Secure Collaboration Page 14
Varonis Data Governance Life Cycle Data Owner Participation Identify •Review Access Sensitive •Examine Activity Folders & Files •Review Stale Data Remediate Excessive Permissions Profile Data Use •All file activity will be monitored by •Global Group Access Varonis •Stale Group Memberships Data to Business Alignment Prioritize Based •Identify Demarcation Containers on Content & •Identify Data Owners Exposure © 2011 Varonis Systems. Proprietary and confidential.
Permissions - Bi-Directional Visibility Users/Groups… to Users/Groups to Data Data… © 2012 Varonis Systems. Proprietary and confidential.
Audit Trail Search, Sort, and Group © 2012 Varonis Systems. Proprietary and confidential.
Actionable Data • Prioritized list of folders that should be Sensitive Dataaddressed Exposed Data Top folders that contain a large percentage of sensitive data -AND- Have excessive/loose permissions Page 18 © 2012 Varonis Systems. Proprietary and confidential.
Activity Analysis • Most/Least Active Users • Most/Least Active Directories • Anomalous Behavior © 2012 Varonis Systems. Proprietary and confidential.
Data Ownership Identification Active Users © 2012 Varonis Systems. Proprietary and confidential.
Reports – Automatic for Owners Activity Permissions © 2011 Varonis Systems. Proprietary and confidential.
Data Owner Involvement • Entitlement Reviews • Authorization Workflow • Self Service Portal • Automated Rules Page 22 © 2011 Varonis Systems. Proprietary and confidential.
Improving Today’s Environments with Automation • Data is accessible to manythe right users accessible to only users • Access is rarely reviewed reviewed regularly Owners will be identified based a metadata, assigned, 91% of organizations don’t haveonprocess to identify data tracked owners & involved Permissions reports will be created a permissions report 76% of organizations can’t produce and sent automatically (Source: Ponemon Institute) • User access is audited continuously • User access is rarely audited • User access is analyzed automatically • User access is rarely analyzed • Unused data is automatically moved or deleted • Unused data is left at-risk Page 23 © 2012 Varonis Systems. Proprietary and confidential.
Varonis: Immediate Operational and Financial Benefits Ensuring appropriate access & permissions Finding lost, moved, copied files Audit & Analyze Data Use Activity Permissions Analysis & Testing Data ownership identification Storage cost savings Significant, quantifiable return on investment Page 24 © 2008 Varonis Systems. Proprietary and confidential.
Thank You! Daniel Gutman daniel@varonis.com Page 25 © 2012 Varonis Systems. Proprietary and confidential.
IDU Multi-tiered Architecture Page 26 © 2011 Varonis Systems. Proprietary and confidential.
Архитектура Varonis IDU Page 27 © 2008 Varonis Systems. Proprietary and confidential.

Recommended

Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb?
Varonis
 
Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010
Andris Soroka
 
5 things it should be doing (but isn't!)
5 things it should be doing (but isn't!)5 things it should be doing (but isn't!)
5 things it should be doing (but isn't!)
Mike Egli
 
WeSecure Data Security Congres: How to build a data governance framework
WeSecure Data Security Congres: How to build a data governance frameworkWeSecure Data Security Congres: How to build a data governance framework
WeSecure Data Security Congres: How to build a data governance framework
WeSecure
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
IT-Toolkits.org
 
White paper-diligent-cybersecurity
White paper-diligent-cybersecurityWhite paper-diligent-cybersecurity
White paper-diligent-cybersecurity
james morris
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0
TRUSTe
 
Security&reliability
Security&reliabilitySecurity&reliability
Security&reliabilitycaca1009
 

Recommended

Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Corporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb?
Varonis
 
Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010Varonis - DSS @VILNIUS 2010
Varonis - DSS @VILNIUS 2010
Andris Soroka
 
5 things it should be doing (but isn't!)
5 things it should be doing (but isn't!)5 things it should be doing (but isn't!)
5 things it should be doing (but isn't!)
Mike Egli
 
WeSecure Data Security Congres: How to build a data governance framework
WeSecure Data Security Congres: How to build a data governance frameworkWeSecure Data Security Congres: How to build a data governance framework
WeSecure Data Security Congres: How to build a data governance framework
WeSecure
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
IT-Toolkits.org
 
White paper-diligent-cybersecurity
White paper-diligent-cybersecurityWhite paper-diligent-cybersecurity
White paper-diligent-cybersecurity
james morris
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0
TRUSTe
 
Security&reliability
Security&reliabilitySecurity&reliability
Security&reliabilitycaca1009
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industry
CloudMask inc.
 
Безопасность данных мобильных приложений. Мифы и реальность.
Безопасность данных мобильных приложений. Мифы и реальность.Безопасность данных мобильных приложений. Мифы и реальность.
Безопасность данных мобильных приложений. Мифы и реальность.
Advanced monitoring
 
WebShield eP3 Network Overview (02-04-2017)
WebShield eP3 Network Overview (02-04-2017)WebShield eP3 Network Overview (02-04-2017)
WebShield eP3 Network Overview (02-04-2017)
rich_webshield
 
Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)
Arpin Consulting
 
beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103Jack McCullough
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
Aviva Spectrum™
 
What's Hot In IT - Cybersecurity
What's Hot In IT - CybersecurityWhat's Hot In IT - Cybersecurity
What's Hot In IT - Cybersecurity
Row Murray
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
Palerra_CASB_UBA_WhitePaper
Palerra_CASB_UBA_WhitePaperPalerra_CASB_UBA_WhitePaper
Palerra_CASB_UBA_WhitePaperEric Opp
 
Secure Multimedia Content Protection and Sharing
Secure Multimedia Content Protection and SharingSecure Multimedia Content Protection and Sharing
Secure Multimedia Content Protection and Sharing
IRJET Journal
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
Ulf Mattsson
 
Data Security and Regulatory Compliance
Data Security and Regulatory ComplianceData Security and Regulatory Compliance
Data Security and Regulatory Compliance
Lifeline Data Centers
 
ISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
ISACA NA CACS 2012 Orlando session 414 Ulf MattssonISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
ISACA NA CACS 2012 Orlando session 414 Ulf MattssonUlf Mattsson
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the Cloud
Ulf Mattsson
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Seccuris Inc.
 
Cyber liabilty
Cyber liabiltyCyber liabilty
Cyber liabiltyMaran Corporate Risk Associates, Inc.
 
Cyber Liabilty: A new exposure for businesses
Cyber Liabilty: A new exposure for businesses Cyber Liabilty: A new exposure for businesses
Cyber Liabilty: A new exposure for businesses
Maran Corporate Risk Associates, Inc.
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! Hack
Imperva
 
Building & Maintaining HIPAA-Compliant Applications in AWS
Building & Maintaining HIPAA-Compliant Applications in AWSBuilding & Maintaining HIPAA-Compliant Applications in AWS
Building & Maintaining HIPAA-Compliant Applications in AWSControl Group
 
Cloud Security Alliance Q2-2012 Atlanta Meeting
Cloud Security Alliance Q2-2012 Atlanta MeetingCloud Security Alliance Q2-2012 Atlanta Meeting
Cloud Security Alliance Q2-2012 Atlanta Meeting
Taylor Banks
 
Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formulaOracleIDM
 
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Khazret Sapenov
 

More Related Content

What's hot

Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industry
CloudMask inc.
 
Безопасность данных мобильных приложений. Мифы и реальность.
Безопасность данных мобильных приложений. Мифы и реальность.Безопасность данных мобильных приложений. Мифы и реальность.
Безопасность данных мобильных приложений. Мифы и реальность.
Advanced monitoring
 
WebShield eP3 Network Overview (02-04-2017)
WebShield eP3 Network Overview (02-04-2017)WebShield eP3 Network Overview (02-04-2017)
WebShield eP3 Network Overview (02-04-2017)
rich_webshield
 
Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)
Arpin Consulting
 
beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103Jack McCullough
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
Aviva Spectrum™
 
What's Hot In IT - Cybersecurity
What's Hot In IT - CybersecurityWhat's Hot In IT - Cybersecurity
What's Hot In IT - Cybersecurity
Row Murray
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - WebFahd Khan
 
Palerra_CASB_UBA_WhitePaper
Palerra_CASB_UBA_WhitePaperPalerra_CASB_UBA_WhitePaper
Palerra_CASB_UBA_WhitePaperEric Opp
 
Secure Multimedia Content Protection and Sharing
Secure Multimedia Content Protection and SharingSecure Multimedia Content Protection and Sharing
Secure Multimedia Content Protection and Sharing
IRJET Journal
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
Ulf Mattsson
 
Data Security and Regulatory Compliance
Data Security and Regulatory ComplianceData Security and Regulatory Compliance
Data Security and Regulatory Compliance
Lifeline Data Centers
 
ISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
ISACA NA CACS 2012 Orlando session 414 Ulf MattssonISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
ISACA NA CACS 2012 Orlando session 414 Ulf MattssonUlf Mattsson
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the Cloud
Ulf Mattsson
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Seccuris Inc.
 
Cyber Liabilty: A new exposure for businesses
Cyber Liabilty: A new exposure for businesses Cyber Liabilty: A new exposure for businesses
Cyber Liabilty: A new exposure for businesses
Maran Corporate Risk Associates, Inc.
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! Hack
Imperva
 
Building & Maintaining HIPAA-Compliant Applications in AWS
Building & Maintaining HIPAA-Compliant Applications in AWSBuilding & Maintaining HIPAA-Compliant Applications in AWS
Building & Maintaining HIPAA-Compliant Applications in AWSControl Group
 
Cloud Security Alliance Q2-2012 Atlanta Meeting
Cloud Security Alliance Q2-2012 Atlanta MeetingCloud Security Alliance Q2-2012 Atlanta Meeting
Cloud Security Alliance Q2-2012 Atlanta Meeting
Taylor Banks
 

What's hot (20)

Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industry
 
Безопасность данных мобильных приложений. Мифы и реальность.
Безопасность данных мобильных приложений. Мифы и реальность.Безопасность данных мобильных приложений. Мифы и реальность.
Безопасность данных мобильных приложений. Мифы и реальность.
 
WebShield eP3 Network Overview (02-04-2017)
WebShield eP3 Network Overview (02-04-2017)WebShield eP3 Network Overview (02-04-2017)
WebShield eP3 Network Overview (02-04-2017)
 
Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)Protecting Intellectual Property and Data Loss Prevention (DLP)
Protecting Intellectual Property and Data Loss Prevention (DLP)
 
beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103
 
Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach Cyber Security: User Access Pitfalls, A Case Study Approach
Cyber Security: User Access Pitfalls, A Case Study Approach
 
What's Hot In IT - Cybersecurity
What's Hot In IT - CybersecurityWhat's Hot In IT - Cybersecurity
What's Hot In IT - Cybersecurity
 
ZSAH Security - Web
ZSAH Security - WebZSAH Security - Web
ZSAH Security - Web
 
Palerra_CASB_UBA_WhitePaper
Palerra_CASB_UBA_WhitePaperPalerra_CASB_UBA_WhitePaper
Palerra_CASB_UBA_WhitePaper
 
Secure Multimedia Content Protection and Sharing
Secure Multimedia Content Protection and SharingSecure Multimedia Content Protection and Sharing
Secure Multimedia Content Protection and Sharing
 
Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0Risk Management Practices for PCI DSS 2.0
Risk Management Practices for PCI DSS 2.0
 
Data Security and Regulatory Compliance
Data Security and Regulatory ComplianceData Security and Regulatory Compliance
Data Security and Regulatory Compliance
 
ISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
ISACA NA CACS 2012 Orlando session 414 Ulf MattssonISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
ISACA NA CACS 2012 Orlando session 414 Ulf Mattsson
 
Where Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the CloudWhere Data Security and Value of Data Meet in the Cloud
Where Data Security and Value of Data Meet in the Cloud
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Cyber liabilty
Cyber liabiltyCyber liabilty
Cyber liabilty
 
Cyber Liabilty: A new exposure for businesses
Cyber Liabilty: A new exposure for businesses Cyber Liabilty: A new exposure for businesses
Cyber Liabilty: A new exposure for businesses
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! Hack
 
Building & Maintaining HIPAA-Compliant Applications in AWS
Building & Maintaining HIPAA-Compliant Applications in AWSBuilding & Maintaining HIPAA-Compliant Applications in AWS
Building & Maintaining HIPAA-Compliant Applications in AWS
 
Cloud Security Alliance Q2-2012 Atlanta Meeting
Cloud Security Alliance Q2-2012 Atlanta MeetingCloud Security Alliance Q2-2012 Atlanta Meeting
Cloud Security Alliance Q2-2012 Atlanta Meeting
 

Similar to DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formulaOracleIDM
 
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Khazret Sapenov
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...GiantSteps Media Technology Strategies
 
Cyber Threat Management Services
Cyber Threat Management ServicesCyber Threat Management Services
Cyber Threat Management Services
Marlabs
 
Confidence & The Cloud
Confidence & The CloudConfidence & The Cloud
Confidence & The Cloud
Alex Todd
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
gueste69f645
 
Thought Leadership Session: Realities of BYOD and MDM
Thought Leadership Session: Realities of BYOD and MDMThought Leadership Session: Realities of BYOD and MDM
Thought Leadership Session: Realities of BYOD and MDM
SolarWinds
 
Secure adn Contained Access for Everybody, at Anytime
Secure adn Contained Access for Everybody, at Anytime Secure adn Contained Access for Everybody, at Anytime
Secure adn Contained Access for Everybody, at Anytime
Uni Systems S.M.S.A.
 
Keynote oracle entitlement-driven idm
Keynote oracle entitlement-driven idmKeynote oracle entitlement-driven idm
Keynote oracle entitlement-driven idmNormand Sauve
 
BYOD Industry Trends and Best Practices - Philly Tech Week
BYOD Industry Trends and Best Practices - Philly Tech WeekBYOD Industry Trends and Best Practices - Philly Tech Week
BYOD Industry Trends and Best Practices - Philly Tech Week
The Judge Group
 
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) PolicyDevelop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
OracleIDM
 
Gainful Information Security 2012 services
Gainful Information Security 2012 servicesGainful Information Security 2012 services
Gainful Information Security 2012 services
Cade Zvavanjanja
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Skybox Security
 
Creating Secure Social Applications
Creating Secure Social ApplicationsCreating Secure Social Applications
Creating Secure Social Applications
Tyler Browning
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle BH
 
Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonEduserv
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy
Jason Clark
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud finalOracleIDM
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCDATAVERSITY
 

Similar to DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats (20)

Oracle security-formula
Oracle security-formulaOracle security-formula
Oracle security-formula
 
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
Rethink cloud security to get ahead of the risk curve by kurt johnson, vice p...
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...
 
Cyber Threat Management Services
Cyber Threat Management ServicesCyber Threat Management Services
Cyber Threat Management Services
 
Confidence & The Cloud
Confidence & The CloudConfidence & The Cloud
Confidence & The Cloud
 
Sw keynote
Sw keynoteSw keynote
Sw keynote
 
Thought Leadership Session: Realities of BYOD and MDM
Thought Leadership Session: Realities of BYOD and MDMThought Leadership Session: Realities of BYOD and MDM
Thought Leadership Session: Realities of BYOD and MDM
 
Secure adn Contained Access for Everybody, at Anytime
Secure adn Contained Access for Everybody, at Anytime Secure adn Contained Access for Everybody, at Anytime
Secure adn Contained Access for Everybody, at Anytime
 
Keynote oracle entitlement-driven idm
Keynote oracle entitlement-driven idmKeynote oracle entitlement-driven idm
Keynote oracle entitlement-driven idm
 
BYOD Industry Trends and Best Practices - Philly Tech Week
BYOD Industry Trends and Best Practices - Philly Tech WeekBYOD Industry Trends and Best Practices - Philly Tech Week
BYOD Industry Trends and Best Practices - Philly Tech Week
 
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) PolicyDevelop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
 
Gainful Information Security 2012 services
Gainful Information Security 2012 servicesGainful Information Security 2012 services
Gainful Information Security 2012 services
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They OccurAnticipate and Prevent Cyber Attack Scenarios, Before They Occur
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
 
Creating Secure Social Applications
Creating Secure Social ApplicationsCreating Secure Social Applications
Creating Secure Social Applications
 
Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010
 
Wayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan RichardsonWayfs and Strays - Jonathan Richardson
Wayfs and Strays - Jonathan Richardson
 
"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy"Thinking diffrent" about your information security strategy
"Thinking diffrent" about your information security strategy
 
Od webcast-cloud-fraud final
Od webcast-cloud-fraud finalOd webcast-cloud-fraud final
Od webcast-cloud-fraud final
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLC
 
The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?The Cloud Beckons, But is it Safe?
The Cloud Beckons, But is it Safe?
 

More from Andris Soroka

Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...
Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...
Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...
Andris Soroka
 
Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...
Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...
Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...
Andris Soroka
 
Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...
Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...
Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...
Andris Soroka
 
Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...
Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...
Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...
Andris Soroka
 
Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...
Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...
Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...
Andris Soroka
 
Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...
Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...
Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...
Andris Soroka
 
Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)
Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)
Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)
Andris Soroka
 
Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...
Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...
Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...
Andris Soroka
 
Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...
Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...
Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...
Andris Soroka
 
Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi
Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi
Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi
Andris Soroka
 
Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...
Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...
Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...
Andris Soroka
 
Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...
Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...
Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...
Andris Soroka
 
Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...
Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...
Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...
Andris Soroka
 
Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...
Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...
Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...
Andris Soroka
 
Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...
Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...
Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...
Andris Soroka
 
Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...
Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...
Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...
Andris Soroka
 
Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...
Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...
Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...
Andris Soroka
 
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...
Andris Soroka
 
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...
Andris Soroka
 
Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
Andris Soroka
 

More from Andris Soroka (20)

Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...
Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...
Digitala Era 2017 - TransactPro - Normunds Aizstrauts - Maksājumu un finansu ...
 
Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...
Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...
Digitala Era 2017 - Datu Valsts Inspekcija - Lauris Linabergs - Vispārīgā dau...
 
Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...
Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...
Digitala Era 2017 - PMLP - Vilnis Vītoliņš - Gaisa kuģu pasažieru datu apstrā...
 
Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...
Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...
Digitala Era 2017 - BOD LAW - Līva Aleksejeva - LIELIE DATI un personas datu ...
 
Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...
Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...
Digitala Era 2017 - Spridzans Law Office - Anna Vladimirova Krykova - Mobilo ...
 
Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...
Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...
Digitala Era 2017 - ZAB “BULLET” - Ivo Krievs - Vai uz valsti attiecināmi cit...
 
Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)
Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)
Digitala Era 2017 - LSPDSA - Arnis Puksts - Datu aizsardzības speciālists (DPO)
 
Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...
Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...
Digitala Era 2017 - IIZI - Lauris Kļaviņš - GDPR - Kādus izdevumus un riskus ...
 
Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...
Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...
Digitala Era 2017 - E-Risinajumi - Māris Ruķers - Vai ar vienu datu aizsardzī...
 
Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi
Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi
Digitala Era 2017 - Gints Puškundzis - Personas datu apstrādes līgumi
 
Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...
Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...
Digitala Era 2017 - DatuAizsardziba.LV - Agnese Boboviča - Datu aizsardzības ...
 
Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...
Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...
Digitala Era 2017 - NotAKey - Janis Graubins - Mobile technologies for single...
 
Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...
Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...
Digitala Era 2017 - Hermitage Solutions - Gatis Kaušs - Clearswift - Komunikā...
 
Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...
Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...
Digitala Era 2017 - Digital Mind - Leons Mednis - eDiscovery risinājums GDPR ...
 
Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...
Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...
Digitala Era 2017 - ALSO - Artjoms Krūmiņš - Personas datu regulas (EU GDPR) ...
 
Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...
Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...
Digitala Era 2017 - ZAB Skopiņa & Azanda - Jūlija Terjuhana - Tiesības uz dat...
 
Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...
Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...
Digitala Era 2017 - IT Centrs - Agris Krusts - Latvijas iedzīvotāju digitālo ...
 
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Datu Aizsardzības Tehnoloģiskā...
 
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...
Digitala Era 2017 - DSS.LV - Arturs Filatovs - Mobilitāte un Personas Datu Dr...
 
Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
Digitala Era 2017 - DSS.LV - Andris Soroka - Personas datu regulas tehnoloģis...
 

Recently uploaded

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 

Recently uploaded (20)

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 

DSS ITSEC Conference 2012 - Varonis Eliminating Data Security Threats

  • 1. Eliminating Data Security Threats Daniel Gutman, Varonis Systems © 2012 Varonis Systems. Proprietary and confidential.
  • 2. Data? What data? © 2012 Varonis Systems. Proprietary and confidential.
  • 3. Unstructured & Semi Structured Data PERCENTAGE OF THE DIGITAL UNIVERSE 2007 2011 50% 40% 30% 20% 10% 650% growth 0% Security-Intense Compliance- Intense in the next 5 Preservation- Intense Source: IDC years! © 2012 Varonis Systems. Proprietary and confidential.
  • 4. Data Explosion – Are We Ready? MORE 91% Can IT answer?  Who has access to this folder? + Data + Collaboration Lack processes for  Which folders does this user or + Cross-Functional Teams determining data group have access to? + Security Requirements ownership  Who has been accessing this = folder? MORE Containers MORE ACLs 76%  Which data is sensitive?  Who is the data owner? MORE Management Unable to determine  Where is my sensitive data who can access overexposed?  How do I fix it? unstructured data  Where do I begin? SOURCE: PONEMON INSTITUTE Page 4 © 2012 Varonis Systems. Proprietary and confidential.
  • 5. Functional Relationships in 10TB, 1000 Users Page 5 © 2010 Varonis Systems. Proprietary and confidential.
  • 6. Secure Collaboration Maximizes Value Maximum Value Too much access No Access Uncontrolled No Collaboration Correct Access Collaboration Correct Auditng No Value Negative Value (Damage) © 2012 Varonis Systems. Proprietary and confidential.
  • 7. Survey: 22% reported a data breach Data Breaches Breached 22% Not Breached 78% © 2012 Varonis Systems. Proprietary and confidential.
  • 8. Breach has cost © 2012 Varonis Systems. Proprietary and confidential.
  • 9. 43% of Breaches by “Trusted” Insiders © 2012 Varonis Systems. Proprietary and confidential.
  • 10. So, how do we protect our data? © 2012 Varonis Systems. Proprietary and confidential.
  • 11. Data Protection Flow Authentication Authorization Auditing • Authentication Users are who they say they are • Authorization Users have access to only what they need • Auditing Monitor actual access • Alert On unusual activity Page 11 © 2012 Varonis Systems. Proprietary and confidential.
  • 12. If we do that… • Access is controlled No one gets access to data who shouldn’t No data is exposed to people that shouldn’t see it • Access is monitored No one can access data without it being logged Logs are inspected (with automation) • Unusual activity is flagged Humans can investigate the right things Page 12 © 2012 Varonis Systems. Proprietary and confidential.
  • 13. What might this look like? © 2012 Varonis Systems. Proprietary and confidential.
  • 14. Varonis Metadata Framework • Four types of metadata are collected, synthesized, processed, and presented: File System & Permissions Information User and Group Information Access Activity Sensitive Content Indicators • Actionable data governance information: WHO has access to a data set? WHO should have access to data set? WHO has been accessing it? WHICH data is sensitive? WHO is the data owner? WHERE is my sensitive data overexposed, and how do I fix it? • Allows data owners to participate in data governance: Automated Entitlement reviews Authorization workflows Foundation for Secure Collaboration Page 14
  • 15. Varonis Data Governance Life Cycle Data Owner Participation Identify •Review Access Sensitive •Examine Activity Folders & Files •Review Stale Data Remediate Excessive Permissions Profile Data Use •All file activity will be monitored by •Global Group Access Varonis •Stale Group Memberships Data to Business Alignment Prioritize Based •Identify Demarcation Containers on Content & •Identify Data Owners Exposure © 2011 Varonis Systems. Proprietary and confidential.
  • 16. Permissions - Bi-Directional Visibility Users/Groups… to Users/Groups to Data Data… © 2012 Varonis Systems. Proprietary and confidential.
  • 17. Audit Trail Search, Sort, and Group © 2012 Varonis Systems. Proprietary and confidential.
  • 18. Actionable Data • Prioritized list of folders that should be Sensitive Dataaddressed Exposed Data Top folders that contain a large percentage of sensitive data -AND- Have excessive/loose permissions Page 18 © 2012 Varonis Systems. Proprietary and confidential.
  • 19. Activity Analysis • Most/Least Active Users • Most/Least Active Directories • Anomalous Behavior © 2012 Varonis Systems. Proprietary and confidential.
  • 20. Data Ownership Identification Active Users © 2012 Varonis Systems. Proprietary and confidential.
  • 21. Reports – Automatic for Owners Activity Permissions © 2011 Varonis Systems. Proprietary and confidential.
  • 22. Data Owner Involvement • Entitlement Reviews • Authorization Workflow • Self Service Portal • Automated Rules Page 22 © 2011 Varonis Systems. Proprietary and confidential.
  • 23. Improving Today’s Environments with Automation • Data is accessible to manythe right users accessible to only users • Access is rarely reviewed reviewed regularly Owners will be identified based a metadata, assigned, 91% of organizations don’t haveonprocess to identify data tracked owners & involved Permissions reports will be created a permissions report 76% of organizations can’t produce and sent automatically (Source: Ponemon Institute) • User access is audited continuously • User access is rarely audited • User access is analyzed automatically • User access is rarely analyzed • Unused data is automatically moved or deleted • Unused data is left at-risk Page 23 © 2012 Varonis Systems. Proprietary and confidential.
  • 24. Varonis: Immediate Operational and Financial Benefits Ensuring appropriate access & permissions Finding lost, moved, copied files Audit & Analyze Data Use Activity Permissions Analysis & Testing Data ownership identification Storage cost savings Significant, quantifiable return on investment Page 24 © 2008 Varonis Systems. Proprietary and confidential.
  • 25. Thank You! Daniel Gutman daniel@varonis.com Page 25 © 2012 Varonis Systems. Proprietary and confidential.
  • 26. IDU Multi-tiered Architecture Page 26 © 2011 Varonis Systems. Proprietary and confidential.
  • 27. Архитектура Varonis IDU Page 27 © 2008 Varonis Systems. Proprietary and confidential.