3 ways varonis enhances data loss prevention ways...varonis whitepaper: 3 ways varonis enhances data...

1VARONIS WHITEPAPER 3 Ways Varonis Enhances Data Loss Prevention

WHITEPAPER

3 Ways Varonis Enhances Data Loss Prevention

VARONIS WHITEPAPER 3 Ways Varonis Enhances Data Loss Prevention 2

ContentsOverview 3

3 Ways Varonis Enhances DLP

1 Sensitive Data Discovery 6

2 360o Permissions Visibility amp Management 8

3 Advanced Threat Detection 10

Summary 11

Get a Personalized Risk Assessment 12


Overview

Data loss prevention (DLP) has long been considered one of the key technologies to limit the loss of intellectual property healthcare data financial data and personally identifiable information However IT pros who deploy enterprise DLP systems often struggle to move beyond the initial phases of discovering and monitoring data flows never realizing the potential benefits of deeper data analytics or applying appropriate data protections1

In a recent poll Gartner analyst Anton Chuvakin asked IT pros ldquoCan DLP technology be effective against the lsquobad guysrsquo (anybody with malicious intent whether insider or outsider) threatening your organizationrdquo

About two-thirds of poll participants were skeptical believing that DLP ldquojust cannot workrdquo ldquosort of but too inefficientrdquo or ldquoworks only against unsophisticated threatsrdquo

CAN DATA LOSS PREVENTION (DLP) TECHNOLOGY BE EFFECTIVE AGAINSTTHE ldquoBAD GUYSrdquo THREATENING YOUR ORGANIZATION

Just cannot work 164

Sort of but it requires such amount of work that itrsquos never ecient 209

Partially eective only against unsophisticated attackers 269

Yes it is eective most of the time 6

Yes but only against insiders 89

Yes but only if the organization works hard to make it so 209

358

358 DLP Optimists and Positive Realists

642

642 DLP Skeptics and Deniers

Reed Brian Its Time to Redefine Data Loss Prevention httpswwwgartnercomdoc3803465time-redefine-data-loss-prevention (accessed February 14 2018)


For a more descriptive perspective a CISO at an insurance company recently said ldquoWe came to the conclusion that DLP was more concept than a toolrdquo

Another VP of technology services at a financial services company said ldquoOurs [DLP] is not worth it Irsquom not sure if even a great system is worth itrdquo

Why have so many real world cybersecurity teams spurned DLP

One reason is the lack of actionable intelligence Upon implementing DLP it is not uncommon to have tens of thousands of ldquoalertsrdquo about sensitive files Where do you begin How do you prioritize Which incident in the colossal stack represents a significant risk that warrants your immediate undivided attention

The challenge doesnrsquot stop here Pick an incidentalert at random ndash the sensitive files involved may have been auto-encrypted and auto-quarantined but what comes next Who has the knowledge and authority to decide the appropriate access controls Who are we now preventing from doing their jobs How and why were the files placed here in the first place

DLP solutions by themselves provide very little context about data usage permissions and ownership making it difficult for IT to proceed with sustainable remediation IT is not qualified to make decisions about accessibility and acceptable use on its own even if it were it is not realistic to make these kinds of decisions for each and every file


DLP lacks the necessary context about datamdashwho has access who is accessing it where itrsquos overexposed and how to safely lock it down Without that context itrsquos nearly impossible to prioritize risk reduction efforts Thatrsquos why many organizations describe their experience with DLP as an embedded function rather than a product

These limitations also make it hard to meet many of the requirements prescribed by regulations such as the EU GDPR which not only mandate that you know where personal data resides but whether itrsquos accessible to only the right people at all times all use is monitored and abuse is flagged

So if DLP is no longer the foundation on which to build your data security strategy what is

Companies are already augmenting their DLP strategy ndash deploying full-scale data centric audit and protection (DCAP) products that include DLP functionality or integrating DLP with DCAP Security analysts now view DLP as one part of a more complete solution and advise moving towards a unified platform that includes data discovery permissions management security analytics data access governance and more

In this whitepaper we will discuss three ways the Varonis Data Security Platform helps you go beyond DLP for complete data protection

currencurren Sensitive Data Discovery

currencurren 360o Permissions Visibility amp Management

currencurren Advanced Threat Detection


Organizations need to determine where their sensitive data is located to perform risk assessments monitor for threats and prioritize where permission remediation is required

The Varonis Data Classification Engine (DCE) classifies sensitive data in OneDrive SharePoint Online and on-premises data stores such as Windows file servers NAS devices UNIX and SharePoint DCE uses powerful pattern-based content matching regular expressions and dictionary-based matching with dynamic auto-updating dictionaries Negative look-ahead and look-behind and algorithmic verification ensure few false positives

The Data Classification Engine can optionally consume classification metadata from third-party classification products that have already been deployed (including DLP products) Varonis will display third-party sensitivity information natively and combine it with Varonisrsquo own metadata enabling actionable data protection and management Classification information can also be imported into the Varonis platform through CSV files automatically on a scheduled basis

By leveraging the audit trail of file access activity in DatAdvantage DCE employs true incremental scanning With real-time knowledge of all file creations and modifies only new data is classified resulting in greater performance than traditional classification products

1 Sensitive Data Discovery


DCE has a wide array of built-in compliance packs for regulations such as GDPR HIPAA SOX PCI-DSS etc while providing the ability to create custom rules perform algorithmic verification add manual flags and even automatically quarantine or delete sensitive content that is out-of-policy

Varonis Data Classification Engine has helped us be more efficient while giving us visibility

in specific areas where we really needed more visibility I know without a shadow of a doubt

where our credit card information is and the location of any social security numbers

-Ian Aguilar CTO of Campbell Global


Finding sensitive data is only the beginning To sustainably reduce risk you also need to know were sensitive data is highly concentrated and over-exposed so that you can prioritize your remediation efforts and make an action plan

It can be extremely difficult or impossible to pinpoint which folders SharePoint sites and mailboxes a user or group can access Itrsquos even harder to find at-risk data identify sensitive folders and objects that have been shared externally and remediate permissions that are no longer needed This is not a challenge DLP technology was designed to tackle

Because the Varonis Data Classification Engine is part of the larger Varonis Data Security Platform data sensitivity is combined with permissions metadata to create an actionable plan for remediation Prove to auditors that yoursquore not just watching regulated data but yoursquore proactively protecting it by pulling back unnecessary access based on actual data usage patterns

2 360o Permissions Visibility amp Management


Varonis gives you a holistic view of data access across cloud and on-premises repositories Within seconds IT can instantly visualize or report on potential access for any user or group in Active Directory Azure AD or a local system pinpoint over-exposed sensitive data and identify excessive permissions

A powerful commit engine can simulate access control changes in a sandbox and commit them when ready Therersquos no need to understand all of the idiosyncrasies between cloud and on-premises permissions models--Varonis provides a single abstract interface for managing data access and systemically reducing your attack surface


Advanced Threat Detection3Varonis analyzes user activity and behavior across hybrid environments and builds behavioral baselines for every account Its Data Security Platform analyzes data access events in context with data sensitivity permissions and Active Directory metadata resulting in accurate alerts and fewer false positives

DatAlert helps you confidently answer the question ldquoIs my data saferdquo with continuous monitoring and alerting on your core data and systems Varonis is the only solution that combines data classification and access governance with security analytics giving our threat models richer context and more accurate alerts

With over 100 threat models Varonis alerts on everything from unusual mailbox activity to insider threats to known ransomware behavior Security teams have the flexibility to use the DatAlert dashboard or send alerts to an integrated SIEM


DLP solutions alone do not provide enough context to systematically and sustainably address fundamental problems in data management and protection individuals in organizations have access to data that they do not need and should not have and their use of data is not monitored

Enterprise context awareness is a problem in the domain of data-centric audit and protectionmdashnot data loss prevention When access controls are optimized use of data is monitored and abuse is flagged the possibility of data loss decreases greatly

In order to maximize security corporations will have to apply complementary technologies to replace or significantly augment their existing DLP solutions

Summary

Varonis is aFantastic Solution

Read about customer results rarr


Live DemoSet up Varonis in your own environment and see how to stop ransomware and protect your data

infovaroniscomdemo

Data Risk AssessmentGet your risk profile discover where yoursquore vulnerable and fix real security issues

infovaroniscomstart

Varonis is a pioneer in data security and analytics specializing in software

for data security governance compliance classification and analytics

Varonis detects insider threats and cyberattacks by analyzing file activity

and user behavior prevents disaster by locking down sensitive data and

efficiently sustains a secure state with automation

We help thousands of customers prevent data breaches

ABOUT VARONIS

Get a Personalized Risk Assessment


ContentsOverview 3

3 Ways Varonis Enhances DLP

1 Sensitive Data Discovery 6

2 360o Permissions Visibility amp Management 8

3 Advanced Threat Detection 10

Summary 11

Get a Personalized Risk Assessment 12


Overview











358


642















































Summary





infovaroniscomdemo


infovaroniscomstart







ABOUT VARONIS



Overview











358


642















































Summary





infovaroniscomdemo


infovaroniscomstart







ABOUT VARONIS














































Summary





infovaroniscomdemo


infovaroniscomstart







ABOUT VARONIS




infovaroniscomdemo


infovaroniscomstart







ABOUT VARONIS


3 ways varonis enhances data loss prevention ways...varonis whitepaper: 3 ways varonis enhances data...

Documents