Data Access

Ensure compliance and get to least privilege by giving business users the power to review and manage access controls without IT assistance.

Get A Demo

Streamline access governance for your files

Empower data owners to view and manage permissions to files, folders, SharePoint sites, and security groups--all with an intuitive web UI. No admin rights needed. DataPrivilege handles all of the changes seamlessly behind-the-scenes once all approvals are met.

Reduce the burden on IT

Get a near-immediate ROI by transferring access decisions to business users with the most context.

Ensure compliance

Demonstrate to auditors that you’ve got processes in place to ensure regulated data is continually protected.

Automatically enforce security policies

Detect and automatically prevent access control changes that would violate your business rules.

Get a Demo

Access Certifications

Make sure that access to groups, distribution lists and sensitive business data is consistently reviewed by the right people.

Certifications are delivered directly to data owners which lets them see who currently has access to their data and make changes without any involvement from IT. Our machine learning algorithms flag users that probably shouldn’t have access anymore, making reviews quick and easy.

Access Control Workflows

Authorization workflows let users request access to folders, groups, distribution lists, and SharePoint sites, folders, and lists through an easy-to-use web form. Each request is routed to the proper stakeholders based on the workflows you setup.

Handling access requests is as simple as replying to an email. Once approved, access is automatically granted by DataPrivilege without any involvement from IT.

Automated expiration

Assign an expiration date on an authorization to ensure access is revoked automatically

Intelligent access

Automate permission grants and revocation based on user attributes, and enforce ethical walls at the same time

Approvals by email

No need to open a special app or leave your inbox to approve or deny an access request - simply reply directly via email


Self-Service portal

Data owners can review access to their data at any time, make permissions changes, monitor data usage, export permissions reports, and get statistics and recommendations for their data sets — all with an intuitive web portal, and without IT’s help.

Integrate with IAM (Identity and Access Management) and ITSM (IT Service Management) solutions

Synchronize managed data with your IAM/ITSM solution

Return instructions to DataPrivilege to execute and report on requests and access control changes

Externally control DataPrivilege entitlement reviews, self-service access workflows, ownership assignment, and more

Today users can request access to a group, and the data owners are automatically involved in the decision to either grant or revoke access without IT intervention. This not only speeds the process up, but also frees up IT to perform other tasks.

Serena Lee, Senior Security Analyst, AXA Wealth

Security and compliance driven by the business

Enforce segregation of duties

Use ethical walls to automatically prevent new requests from being approved that would violate your business rules, detect and notify you of any existing rule violations, and correct them.

Built-in compliance reporting

All actions are audited. Authorizations, entitlement reviews and other management reports provide evidence of process adherence and help satisfy compliance requirements.

Securely provision new shares

Ensure that newly created shares are only accessible to the right people from the start.

Custom entitlement review schedules

Set up different schedules for your entitlement reviews based on department, data sensitivity, and more. You can also recertify data on an ad-hoc basis.

100% browser-based

No need for end-users to install applications. They can review access, run reports, and make changes right within their web browser.

Multiple authorizers

Data owners and authorizers can respond to permissions requests directly via email, in multiple languages, or within the DataPrivilege web application.

Support for server local groups

DataPrivilege allows you to set administrative access through local groups: delegate privileges with automated expiration of access.

Share permission restructuring

Edit standard predefined permission types, permission levels, and custom masks and flags.


FAQFrequently Asked Questions

General Information

  • How do I approve or deny requests?

    You can either click a link directly in an email to approve or deny a request, or log into into the DataPrivilege web UI.

  • What if I don’t want data owners to have admin rights?

    Data owners can only manage users for shares and groups that they own.

    There's no need to grant data owners additional access rights to any other shares or groups.

  • Can DataPrivilege manage distribution lists?

    Yep - DataPrivilege manages distribution lists/ groups in the same way we manage shares.

    Each distribution list has an assigned owner that approves/denies/reviews the membership of the group, and they are responsible for who is in that distribution list.

  • How can I change owners if somebody leaves?

    Changing owners for a share or a group is simple - and you can do it directly in the UI. You can even search for all items with the previous owner to streamline the updates.

  • Can I pull owners from a CMDB?


    If you have previously identified data owners in a different system, you can import that list into the DataPrivilege database, setting those users as data owners for those shares.

Interested in seeing Varonis in action?

Request a demo or contact sales at 877-292-8767