Levels of Data Protection

Wednesday, I spoke at ISSA’s monthly chapter meeting in Colorado Springs. Speaking at ISSA chapter events is great, because it’s always an intelligent crowd that quickly grasps issues around data...
Brian Vecci
1 min read
Last updated June 9, 2023

Wednesday, I spoke at ISSA’s monthly chapter meeting in Colorado Springs. Speaking at ISSA chapter events is great, because it’s always an intelligent crowd that quickly grasps issues around data governance.

At this particular event I gave a presentation on how we can reduce organizational risk by leveraging metadata and automation—coincidentally enough, two things that Varonis excels at. The basic argument was that data protection centers around three control areas:

  • Authentication
  • Authorization
  • Access Auditing and Analysis

Get a Free Data Risk Assessment

Authentication is the mechanism by which we identify that the person who’s trying to access a system—in this case our unstructured and semi-structured data—is who he says he is. This is something we have a lot of good options for. With strong passwords, one-time password tokens, biometrics and other authentication factors, an organization can have reasonable confidence about who’s actually accessing the data.

The next step control area is authorization, which is making sure that the user is actually allowed to access the data. Unlike authentication, this is usually much harder. If a SharePoint site is open to Authenticated Users, for example, we’re not making any attempt at authorization since we’re assuming everyone who’s authenticated is also authorized, which isn’t always the case. Much of what we do with data governance is helping to increase the accuracy and effectiveness of our authorization. Making sure only the right people have access to the right data means making sure that only the right people are authorized.

The final control area is access auditing, which is about ensuring that the controls we’ve put in place for authentication and authorization are working as designed. With unstructured data, a complete audit trail of file activity traditionally hasn’t been available, which has meant it’s been difficult to audit the access to that data,  difficult to check potential access against actual access, and difficult to spot possibly abusive behavior.

The presentation we gave at ISSA showed how an automated data governance solution can be used to address these data protection levels. We’ll share some of the specifics in future posts.

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

are-you-prepared-for-a-supply-chain-attack?-why-supply-chain-risk-management-is-essential
Are You Prepared For a Supply Chain Attack? Why Supply Chain Risk Management is Essential
Learn how to spot supply chain risks, attacks, and how to properly defend against them with an effective supply chain risk management strategy.
saas-risk-report-reveals-exposed-cloud-data-is-a-$28m-risk-for-typical-company
SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company
The Great SaaS Data Exposure examines the challenge CISOs face in protecting data across a growing portfolio of SaaS apps and services such as Microsoft 365.
speed-data:-the-benefits-of-simplicity-with-mark-bruns
Speed Data: The Benefits of Simplicity With Mark Bruns
CISO Mark Burns shares cybersecurity knowledge amassed over 25 years, the pros and cons of gen AI, how to protect data, and why compromise is key.
speed-data: why-cybersecurity-is-an-unceasing-progression-with-siwar-el-assad
Speed Data: Why Cybersecurity is an Unceasing Progression With Siwar El Assad
Siwar El Assad chats about the impact of cybersecurity on modern society, the reality of breaches, and how a chance encounter led Siwar to the industry.