Case Study

How A Large U.S. Insurance Company Cleaned Up 3 Million At-Risk Folders in Under Two Weeks With Varonis Automation Engine

3 Million

at-risk folders

140,000

folders with sensitive data

60 TBs

of overexposed data

“Without Varonis to go through our shared drive and identify where PHI, PII, and other sensitive data was at risk, cleaning up all of our folders would have been impossible.”

Senior Security Engineer, IT Department, U.S. Insurance Company

Challenge

An internal audit found large amounts of inactive data, PII data open to all users, and a huge number of broken ACLs. They had a pressing need for data classification and permission remediation in order to mitigate risk and ensure HIPAA and SOX compliance.

But solving the issue wasn’t easy. Over 75% of their data was stale—increasing cost and risk, while adding little value. All of it needed to be classified and then archived or deleted. Their organization’s complicated folder structure made manually locating sensitive, regulated data within their unstructured environments difficult. They had no visibility into their unstructured data, and no way to identify data owners.

The audit also revealed almost 3 million at-risk folders, including 140,000 folders with sensitive data that were open to everyone. Using custom PowerShell scripts to find and fix permissions for all 3 million folders was a nearly impossible (and potentially risky) task.

“Setting up Automation Engine took less than half an hour. There was no need for configuration; we just turned it on and let it run. Automation Engine immediately started fixing our broken ACLs and permissions in the background.”

Senior Security Engineer, IT Department, U.S. Insurance Company

Solution

  • Remediation of over-exposed data: With 3 million folders open to everyone, this organization needed a way to put global group access remediation on autopilot. Two weeks later, Automation Engine finished cleaning up their massive access control list. All 3 million folders—60 terabytes of over-exposed data—were fixed.
  • Visibility and identification of sensitive HIPAA and SOX data on file shares: DatAdvantage and Data Classification Engine were instrumental in helping them find sensitive data, audit existing permissions, and begin limiting access to critical, protected folders.
  • Advanced threat detection and response: DatAlert is their first line of defense against suspicious behavior. It’s an advanced threat detection and response system that provides daily protection with hundreds of built-in threat models.

“Without Varonis to go through our shared drive and identify where PHI, PII, and other sensitive data was at risk, cleaning up all of our folders would have been impossible.”

Senior Security Engineer, IT Department, U.S. Insurance Company

Customer Profile

  • Location: U.S.
  • Industry: Insurance

Read more

Get the full case study and see how this re-insurance company uses Varonis to protect sensitive data.

Download PDF

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.