Varonis: Know Your Data, Own Your Data (Part 1)

Varonis: Know Your Data, Own Your Data (Part 1)

Varonis: Know Your Data, Own Your Data (Part 1)

In cybersecurity circles, 2017 will go down in history as the year that Fortune 500 CEOs started to get fired after data breaches, whereas in the previous era a junior IT manager would be sacrificed. It seemed that everyone got hacked, ranging from the SEC or Parliament in the UK, Fortune 500 companies, to the law firms that manage off-shore wealth for the elite. It is little surprise that DLP (Data Leakage Protection) is now front of mind for executive teams and corporate boards across the world.

Options has been engaged with Varonis over the last few years and we are upping our investment in 2018. Over a series of blogs we will cover the DLP platform we’ve implemented to date and the new features we’re rolling out this year.

Data Monitoring, Auditing & Reporting 

DatAdvantage is a data audit and protection product and the foundation component for all the other Varonis products we use at Options. It provides a broad range of data monitoring, auditing and reporting analysis across our client NAS devices and File Servers including Windows and Unix. If our clients want alerted when a particular file is accessed, by who and what they did with it, we can provide that forensic fingerprint.

1) Monitor – Every file has a history

Monitoring with DatAdvantage is non-intrusive and doesn’t require native auditing which makes it easier to perform security investigations, prove compliance and find lost files. The ability to report on the full history of any file and folder means that any hidden files can be found.

2) Audit – Who, What, When & Where?

An extremely powerful auditing tool, DatAdvantage offers a bi-directional view of access permissions on Files, Folders and Active Directory Groups across various platforms including Active Directory, Windows & NAS devices. By providing comprehensive auditing on all event operations across all platforms it improves security and allows for many actions to be taken as a result, such as reviewing permissions.

 

3) Ownership – Who owns the data?

Ownership management easily identifies data owners and allows our clients to determine true active users of a file or folder and better control the removal of extraneous groups/users who perhaps only need occasional access. Without a data owner that understands the sensitivity, importance and organisational context, the data cannot be managed and governed by the right groups.

4) Recommendations – Listen to your data

Behaviour analysis functionality allows us to offer permission recommendations by assigning users to clusters based on similar access patterns. This is a great housekeeping tool and ensures permissions for each user are locked down to those who truly need access to the data.

5) Remove Stale/Inactive Users

Similar to the above, stale or inactive user accounts can be removed from user group permissions. This gives clients a better representation of users who are actually active within an assigned security group and actively accessing the associated data.

6) Reports – Understand your data

Reporting on a vast array of data objects is critical to fully understanding data. From examining user, group and folder detail, our clients have the intel to apply and enforce stricter security policies. Below is an example report on Group Members for the ‘Domain Users’ group which provides a global user list.

Coming next…

In my next blog post in the series, I’ll be taking a closer look at the sophisticated real time data alerts we offer clients, courtesy of the Varonis user behaviour analysis & alerting tool. Stay tuned!

David, Options Data Analyst

Leave a Reply

Your email address will not be published. Required fields are marked *