Jump to content
By combining the permissions data, the access events, and sophisticated bi-directional cluster analysis, Varonis determines where users may have excessive permissions, and makes recommendations on how access can be restricted without effecting normal business activity—which groups a user can be removed from/who can be removed from which groups.
Varonis captures every file access event (open, create, delete, modify, move, etc.) and every email event (message sent, received, deleted, moved, etc.) by every person accessing the monitored infrastructure and calculates each individuals daily average number of access events, and their standard deviation for a configurable threshold of days. If, on a given day, a user exceeds their daily average by more than three times their standard deviation (or other defined coefficient), Varonis will generate an alert.
A Varonis user may simulate the removal a user from a group or an access control list change to determine which folders a user or group of users would lose access to should the change be committed. By executing a synchronization routine, Varonis will display the users that have been accessing data using the (simulated) removed permissions, and who have no other permissions to provide access to such data. If the proposed change had been made in the past, these users would likely have initiated a help desk call to ascertain why they no longer had access to data they required.
Varonis aggregates user activity to easily highlight access patterns of interest, including most and least active users (commonly used to identify service accounts and automated processes) and most and least active directories (commonly used to identify critical data and stale data), as well as combinations of users groups and data. Varonis users may also identify data owners by viewing active users on a directory structure or facilitate business continuity planning and data migrations by determining which directories are commonly accessed by a group of users.
Data protection is necessary to safeguard an organization's customers, employees, business partners, and investors. It is fundamental in securing an organization's intellectual property and competitive edge, and for maintaining the organizational trust required for it to properly function. Ongoing, scalable data protection and management require technology designed to handle an ever-increasing volume and complexity—a metadata framework.
The Varonis Metadata Framework™ non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), pre-processes it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface. Once data owners are identified, they are empowered to make informed authorization and permissions maintenance decisions through a configurable web-based interface—that are then executed—with no IT overhead or manual backend processes.
Our 30-Day Free Trial provides a full audit of your file system or your SharePoint environment. Audit permissions, auditing access, usage statistics, recommendations, impact analysis, and identification of business owners.
You can instantly conduct a permissions audit: File and folder access permissions and how those map to specific users and groups. You can even generate reports.
Varonis® DatAdvantage® will begin to show you which users are accessing the data, and how.
Varonis® DatAdvantage® will actually make highly reliable recommendations about how to limit access to files and folders to just those users who need it for their jobs.
Get the Varonis View. Sign up for the 30-Day Free Trial.