Case Study

How Varonis Helped a Global Manufacturing Company Avoid a Data Loss Disaster & Tackle GDPR Compliance

79%

decrease in folders with open access

GDPR

compliance support

Terabytes

of stale data deleted or archived

“Varonis gives us the insight and immediate alerting we need to protect our customers and meet data privacy requirements. I don’t know how we would have achieved GDPR compliance without Varonis.”

Manager, Information Security, Global Manufacturing Company

Challenge

At 4 a.m. on a Sunday morning, a major manufacturing company (anonymous by request) that generates over $1.5B in annual revenue was faced with a serious problem. Someone had deleted an entire shared drive.

Fortunately, the company was in the midst of a proof of concept (POC) of Varonis when the incident occurred. Varonis sent the Information Security Manager an alert as soon as it detected the anomaly—and it enabled them to get ahead of a potentially costly situation.

The incident highlighted the company’s need for more robust data security. Overpermissiveness had left their servers vulnerable to insider and outsider threats—and put them at risk of non-compliance with data protection regulations like GLBA and GDPR.

It was an ongoing problem that the Information Security Manager couldn’t seem to get
ahead of—the task was a massive undertaking and their small team was stretched thin.

“We knew there were issues, but we didn’t have the hard numbers to show the higher-ups what we were talking about. Varonis’ Data Risk Assessment gave us the ammunition we needed to show our management board the actual risks we had in our environment.”

Manager, Information Security, Global Manufacturing Company

Solution

  • Remediation of over-exposed data: Automation Engine is a fast, efficient, and safe way to remove global group access across a huge volume of at-risk folders. With it, the small team is able to set and forget remediation, fixing thousands of folders without lifting a finger.
  • Ensuring personal data meets regulatory requirements: Data Classification Engine automatically scans and classifies sensitive data, both on their Windows servers and shared drives. Data Classification Policy Pack (formerly called GDPR Patterns) gives them a vast library of pre-built rules and patterns to help pinpoint EU citizen data in order to comply with GDPR.
  • Protecting from insider and outsider threats: The DatAlert Suite provides day-to-day monitoring for their servers. The powerful threat detection and response system helps mitigate the risk of insider threats, defend against cyberattacks like ransomware, and trace suspicious activity to its source.

“Varonis helps us achieve GDPR compliance by scanning and
classifying EU citizen data. Before, if someone asked us to delete
all of their personal data, we would have no way of knowing where
it was. With Varonis, we can create custom rules to search for that
information and effortlessly delete it if we no longer need it.”

Manager, Information Security, Global Manufacturing Company

Customer Profile

  • Industry: Manufacturing
  • Revenue: Over 1.5 Billion

Read more

Get the full case study and see how this manufacturer uses Varonis to protect sensitive data.

Download PDF

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.