Jump to content
NEW YORK – February 13, 2012 - Varonis Systems Inc., the leading provider of comprehensive data governance software has identified a critical missing component to traditional DLP processes - enterprise context awareness – i.e., knowledge of who owns the data, who uses the data, and who should and shouldn’t have access to the data. Traditional DLP solutions that focus on endpoint and network protections commonly fail to fully protect critical data because they focus on symptomatic, perimeter-level solutions instead of addressing a much deeper problem — the fact that users have inappropriate or excessive rights to sensitive information. “For DLP technology to be successful, you must inventory and classify all of your sensitive data and understand your information flows,” advises Forrester. “This is hard to do if you have hundreds, possibly thousands, of terabytes of unstructured data.
“Think of it this way, the network and endpoint DLP solutions are like security guards that detain every single patron as they try to leave the bank with cash in hand, without any clues to help sort out the criminals from the customers.” said David Gibson, Director of Strategy for Varonis. “Server DLP dutifully points out that there is a lot of money in the bank, stored in a lot of places but what’s needed is intelligence and automation for the tellers, empowering them to correctly and efficiently govern the dissemination of cash.”
Managing and protecting sensitive information requires an ongoing, repeatable process. The analyst firm Forrester refers to this as protecting information consistently with identity context (PICWIC).
The key to providing the necessary context lies in metadata: To collect and analyze required metadata non-intrusively, to automate workflows and auto-generate reports, and have a reliable operational plan to follow. With the recent advancements in metadata technology, data governance software is providing organizations with the ability to improve DLP implementations by not only automating the process of identifying sensitive data, but also simultaneously showing who has access to it, where it is exposed, what data is in use and who is using it – i.e. provide the needed context for comprehensive DLP.
To see a live demonstration of this new approach to DLP, join Varonis and guest Forrester on March 7 at 1pm ET for a webinar: Enhancing Data Protection with Strong Identity Context The webinar will show attendees how to leverage enterprise data context for comprehensive data loss prevention. The live webinar will feature David Gibson, Director of Strategy for Varonis and Forrester Principal Analyst Andres Cser, who will discuss:
Four types of metadata are critical for data governance:
The Varonis Metadata Framework™ non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), preprocesses it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface.
Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. Named a "Cool Vendor" in Risk Management and Compliance by Gartner and voted one of the "Fast 50 Reader Favorites" on FastCompany.com, Varonis has more than 4,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.
Varonis, the Varonis logo, DatAdvantage and DataPrivilege are registered trademarks of Varonis Systems in the United States and/or other countries and Data Classification Framework and Metadata Framework are under a registration process in the United States and/or other countries. All other product and company names and marks mentioned in this document are the property of their respective owners and are mentioned for identification purposes only.
 Your Data Protection Strategy Will Fail Without Strong Identity Context, Forrester Research, Inc., July 29, 2011