Case Study

How a Global Financial Firm Reduced Exposed Sensitive Data by 86% with Varonis

86% drop

in exposed sensitive data

GDPR & CCPA

compliance

>38,400

hours saved annually

“Before Varonis, we didn’t have a clear picture of our permissions landscape. With Varonis, we were able to pinpoint those issues and remediate global group access within the span of two weeks.”

Senior Data Analyst, Security Team, Global Financial Firm

Challenge

As a financial services firm, one Varonis client (anonymous by request) is responsible for protecting a host of sensitive data. The firm needed an efficient way to locate and identify sensitive data in their on-premises servers.

The firm is also responsible for ensuring compliance with all current and future data
privacy regulations, including the California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDPR).

Insider and outsider breaches had cost other companies untold brand damage and resulted in significant intellectual property loss. To avoid the same fate, this firm needed more visibility into where it was exposed and the ability to lock down global group access.

But they had no idea how widespread the issue actually was until a Data Risk Assessment revealed that almost 50,000 sensitive files were overexposed.

“DatAdvantage was eye-opening in terms of what we needed to fix to address user privacy. We didn’t realize we had so much overexposed information, so being able to capture it and immediately work toward remediation was a big win.”

Senior Data Analyst, Security Team, Global Financial Firm

Solution

  • Visibility and Control of sensitive on-prem data: DatAdvantage for Windows, Exchange, and Directory Services supports the firm’s on-prem data stores and email. It automatically maps who is able to access sensitive data, who is actually accessing sensitive data, and areas where overexposure has left them vulnerable to a data breach.
  • Data classification and regulatory compliance support: Data Classification Engine enables them to work toward their primary goals: data inventorying and privacy remediation. Data Classification Policy Pack enhances data classification via a vast library of pre-built rules and patterns. By automatically enforcing data privacy standards laid out by regulations such as GDPR and CCPA, Policy Pack streamlines compliance efforts.
  • Advanced threat detection and response: DatAlert Suite provides real-time monitoring and alerting of all critical systems. The firm is now exploring Splunk integration, which will allow them to query and correlate Varonis alerts using Splunk Enterprise.

“When we consider how long manual remediation takes, the extra
people we would need to hire, their hourly wages or salaries, and the
desk space we’d have to provide, I’d say Varonis saves us a minimum
of 38,400 hours in a given year. And that’s a conservative estimate.

Senior Data Analyst, Security Team, Global Financial Firm

Customer Profile

  • Location: U.S.
  • Industry: Finance

Read more

Get the full case study and see how this financial firm uses Varonis to protect sensitive data.

Download PDF

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.