Varonis for

SharePoint & SharePoint Online

Protect your SharePoint data from overexposure and cyberattacks.

Challenge

SharePoint can be a powerful collaboration tool, but it’s extremely difficult to secure at scale. With hundreds (or thousands) of sites/subsites/libraries, customizable permission levels, link sharing, and local users and groups that can contain AD groups—answering a simple question like “What data can Allen Carey access?” becomes an archeology project.

It’s critical for security and compliance teams to understand where sensitive data is concentrated in SharePoint, who’s using it, what permissions are in place, and to monitor how these controls are changing daily. However, the ability to create and share data has exceeded the capacity to protect it with native Microsoft security tools.

Solution

With Varonis, you can instantly visualize and quantify risk across your SharePoint environment—no matter how large and complex—and proactively reduce your exposure.

Varonis discovers and classifies sensitive information, shows you exactly who has access to data, and captures every single action in a detailed audit trail (without native auditing) so you can detect advanced threats and investigate incidents quickly.

Limit your SharePoint blast radius.

Varonis shows you where sensitive data is exposed externally, to guest users, or to all employees so you can quickly eliminate your most critical risks. Varonis gives you an intuitive view of effective permissions for any user or group, regardless of the permissions source.

Our machine learning analyzes permissions and user behavior to highlight where users have access to data they don’t use or need. Simulate access control changes to minimize their impact and commit with a click.

Classify and lock down data at scale.

Automatically and accurately classify sensitive and regulated data across your SharePoint environment. SharePoint specific risk dashboards and reports give you real-time awareness of your risk posture and help ensure that you are compliant with relevant rules and regulations.

Varonis’ Data Classification Engine has hundreds of built-in policies, dictionaries, and validation rules. Use our labeling engine to apply persistent Microsoft Purview Information Protection (MPIP) labels to sensitive files for encryption, DRM, and more.

Monitor for & investigate suspicious activity.

Varonis expands your field of vision by combining activity from SharePoint and SharePoint Online with other M365 applications as well as on-prem and perimeter telemetry systems to build more complete threat models. Our behavior-based detections correlate activity in SharePoint with login behavior, on-prem data access, and email activity to generate accurate results with few false positives.