Why Varonis?
Revoke Unwarranted Permissions
An employee joins a new department or project team, and you get a work order to give the requisite data permissions to this user. That is the last you hear about this person until he or she moves to a new assignment, and a new work order for access comes your way. Naturally, in each case you assign the user to the correct directory groups for access. You have processed many such requests over the last year or two, but few have been to revoke permissions.
This is a very common scenario across organizations of all sizes. File sharing servers are initially deployed with strict controls for access. These controls become more lax over time, though, to accommodate change and business flow. The result is that the majority of your data is much too accessible by users to whom it is not business-relevant. Removing legacy or inadvertently assigned permissions is a highly manual, error prone, and very lengthy process that involves identifying and contacting data business owners one by one. Unless it is imposed by regulations, in many organizations this is a daunting and expensive project that is typically not undertaken.
Varonis lets organizations clean up overly permissive environments and keep them that way. Accuracy and efficiency is ensured by:
- Automating the determination of who should have access (and who should not)
- Continuously updating user-to-data permissions to reflect business change
- Identifying the business owners of data so that revocation verification is expedited