Jump to content
London December 7, 2011 Commenting on reports that the European Commission is planning to impose fines of up to five per cent of global turnover on errant companies losing private data, Varonis Systems is advising major corporates to invest in the necessary data defences before it is too late.
David Gibson, director of technical services with the unstructured data security specialist, says that the changes to EU data protection legislation – which will reportedly be announced tomorrow – are long overdue.
“We’re already seeing the UK regulator, the ICO, imposing its first major fines on public sector bodies, so it’s clear there is a wind of change in the air. And with penalties of five per cent of global turnover – rather like serious motoring offences, the advice has to be to shape up, or face the consequences,” he said.
“Because they are based on turnover, these penalties have the capacity to wipe out a corporate’s global profits for the year and that makes the topic of data protection a top boardroom topic, if it were not one before,” he added.
The Varonis director went on to say that it is increasingly clear to all organisations that the biggest risk surrounding data does not come from hackers directly compromising customer and employee files, but from overly permissive access, lack of access auditing, lack of context, and lack of automation for the volumes of unstructured data that slosh around company archives.
Research from Forrester and other analysis houses shows that as much as three quarters of data in large enterprises is unstructured and, because of the volume, lack of native auditing, and lack of automated analysis, Gibson says that auditing this data – as required under current governance rules – is far more difficult for IT security staff concerned.
“That doesn’t mean it is impossible. It just means that corporates have to invest in the necessary data protection and analytical technologies capable of auditing – down to the last file – who does what, when and where with the firm’s data,” he said.
“And with unstructured archival data being measured in terabyte and petabyte file sizes, this is where many data security systems are pushed beyond their normal limits. But with penalties of up to five per cent of global turnover, I predict you will see major enterprises investing in the required technology,” he added.
“We’ve been banging the drum on the need for unstructured data management and protection for many years, so it’s good to see the European Commission supporting us in tackling this very real data security problem – at long last.”
For more on Varonis: http://www.varonis.com
For more on the EU plans for massively increased data breach penalties: http://www.ft.com/cms/s/2/bf962998-1d01-11e1-a26a-00144feabdc0.html#axzz1fbMYiUzk
Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. Named a "Cool Vendor" in Risk Management and Compliance by Gartner and voted one of the "Fast 50 Reader Favorites" on FastCompany.com, Varonis has more than 4,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.
Varonis, the Varonis logo, DatAdvantage and DataPrivilege are registered trademarks of Varonis Systems in the United States and/or other countries and Data Classification Framework and Metadata Framework are under a registration process in the United States and/or other countries. All other product and company names and marks mentioned in this document are the property of their respective owners and are mentioned for identification purposes only.