Jump to content

What's Missing from DLP? Context.

On March 7, 2012 Varonis and an Independent Research Firm will present a new approach to DLP that leverages enterprise context awareness

NEW YORK – February 13, 2012 - Varonis Systems Inc., the leading provider of comprehensive data governance software has identified a critical missing component to traditional DLP processes - enterprise context awareness – i.e., knowledge of who owns the data, who uses the data, and who should and shouldn’t have access to the data. Traditional DLP solutions that focus on endpoint and network protections commonly fail to fully protect critical data because they focus on symptomatic, perimeter-level solutions instead of addressing a much deeper problem — the fact that users have inappropriate or excessive rights to sensitive information. “For DLP technology to be successful, you must inventory and classify all of your sensitive data and understand your information flows,” advises Forrester. “This is hard to do if you have hundreds, possibly thousands, of terabytes of unstructured data.

“Think of it this way, the network and endpoint DLP solutions are like security guards that detain every single patron as they try to leave the bank with cash in hand, without any clues to help sort out the criminals from the customers.” said David Gibson, Director of Strategy for Varonis. “Server DLP dutifully points out that there is a lot of money in the bank, stored in a lot of places but what’s needed is intelligence and automation for the tellers, empowering them to correctly and efficiently govern the dissemination of cash.”

Managing and protecting sensitive information requires an ongoing, repeatable process. The analyst firm Forrester refers to this as protecting information consistently with identity context (PICWIC).

The key to providing the necessary context lies in metadata: To collect and analyze required metadata non-intrusively, to automate workflows and auto-generate reports, and have a reliable operational plan to follow. With the recent advancements in metadata technology, data governance software is providing organizations with the ability to improve DLP implementations by not only automating the process of identifying sensitive data, but also simultaneously showing who has access to it, where it is exposed, what data is in use and who is using it – i.e. provide the needed context for comprehensive DLP.

To see a live demonstration of this new approach to DLP, join Varonis and guest Forrester on March 7 at 1pm ET for a webinar: Enhancing Data Protection with Strong Identity Context The webinar will show attendees how to leverage enterprise data context for comprehensive data loss prevention. The live webinar will feature David Gibson, Director of Strategy for Varonis and Forrester Principal Analyst Andres Cser, who will discuss:

  • Why data breaches matter
  • Why DLP and ERM Don’t work on their own
  • PICWIC Best Practices (Protecting Information with Identity Context)
  • Recommendations for accelerating Data Protection
  • Leveraging metadata for enterprise data context

About the Varonis Metadata Framework™

Four types of metadata are critical for data governance:

  • User and Group Information - from Active Directory, LDAP, NIS, SharePoint, etc.
  • Permissions and File System Information - knowing who can access what data in which containers
  • Access Activity - knowing which users do access what data, when and what they've done
  • Sensitive Content Indicators - knowing which files contain items of sensitivity and importance, and where they reside

The Varonis Metadata Framework™ non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), preprocesses it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface.

About Varonis Systems

Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. Named a "Cool Vendor" in Risk Management and Compliance by Gartner and voted one of the "Fast 50 Reader Favorites" on FastCompany.com, Varonis has more than 4,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.

Varonis, the Varonis logo, DatAdvantage and DataPrivilege are registered trademarks of Varonis Systems in the United States and/or other countries and Data Classification Framework and Metadata Framework are under a registration process in the United States and/or other countries. All other product and company names and marks mentioned in this document are the property of their respective owners and are mentioned for identification purposes only.

[1] Your Data Protection Strategy Will Fail Without Strong Identity Context, Forrester Research, Inc., July 29, 2011