POLICY PACK
Get Ahead of Privacy Regulations with Expert-Built Classification Rules
Policy Pack is an ever-expanding library of accurate and comprehensive rules to find and protect GDPR and CCPA data.

“Varonis gives us the insight and immediate alerting we need to protect our customers and meet data privacy requirements. I don’t know how we would have achieved GDPR compliance without Varonis.”
INFORMATION SECURITY MANAGER
GLOBAL MANUFACTURING COMPANY
400+ GDPR and CCPA Rules and Counting
Never write another complex RegEx to find personal data.
Policy Pack enhances Data Classification Engine with hundreds of new patterns that can accurately discover personal information specific to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
We update the patterns and rules automatically to equip you with the latest changes in data privacy laws so you’ll never fall behind.

Pinpoint Accuracy at Petabyte Scale
Our classification engine goes beyond regular expressions and includes pre-built databases of known-valid values, proximity matching, negative keywords, and algorithmic verification to generate high-fidelity results.
We do a lot of extra work to make sure you get accurate classification results with few false positives.

GDPR & CCPA Visibility Across Your Entire Environment
Varonis continuously discovers unstructured and semi-structured data on premises and in the cloud, on Windows servers, NAS devices, SharePoint, UNIX/Linux servers, and Office 365 (OneDrive and SharePoint Online), with support for file types such as .doc, .pptx, .xlsx, .zip, .rar, .pdf and many more.

Don’t Just Find Personal Data.
Protect It.
Finding personal information is only the first step toward data privacy. With the Varonis Data Security Platform, you can protect it with confidence.

Visualize Exposed Personal Data
Prioritize risk based on sensitivity, exposure, and staleness. Demonstrate remediation progress with dashboards that track PII exposure over time.

Rapidly Reduce Your Attack Surface
Automatically restrict access to personal information and minimize its exposure with the Automation Engine.

Take the Pain out of DSARs
Fulfill data subject access requests (DSARs) and Right to be Forgotten requests with ease using DatAnswers. Export the results to be moved, deleted, or quarantined.

Enforce Data Protection Policies
Reduce risk by finding stale personal information and moving, archiving, or deleting it with a Data Transport Engine rule.
Monitor & Protect PII with Advanced Threat Detection
Detect potential breaches by monitoring how regulated personal data is accessed. Use DatAlert to prevent data leaks and help meet breach notification requirements and reduce your risk of fines for non-compliance.

Varonis’ out-of-the-box threat models use machine learning to build behavioral profiles over hours, days and weeks for every user and device, so when they behave abnormally, they get noticed.
GDPR was data accessed in the past 24 hours
An unusual amount of data was uploaded to an external website after accessing GDPR data
An unusual amount of data was uploaded to email websites after accessing GDPR data
Access to an unusual number of idle GDPR files
Low and slow increase in number of idle GDPR files accessed
Unusual number of GDPR files deleted or modified
Permission changes: Global Access Groups added to folder with significant GDPR data
Unusual number of GDPR files with denied access
Abnormal service behavior: access to atypical folders containing GDPR data
Want to take a deeper dive?
Take a closer look at how Varonis classifies personal information related to privacy regulations and other sensitive data in this free recorded masterclass on the Data Classification Engine.
FAQFrequently Asked Questions
What policies are covered by Policy Pack?
What do I need to do when there are updates to Policy Pack?
What else do I need to run Policy Pack?
How long does Varonis take to scan my data?