ATMI

How ATMI manages data access, file sync and sharing for confidential data

PDF download

The Customer

Location: Danbury, CT

Industry: Manufacturing

Products: DatAdvantage, DatAnywhere

ATMI, an Entegris company, is a global leader in enabling process materials and process technology for semiconductor, display and life science industries. ATMI focuses on delivering process efficiency through fast access to technology innovation, effective production of deliberate outcomes and efficient conversion of process input to process output. Delivering breakthrough improvements in these areas drives innovations in the most demanding high-volume manufacturing environments.

Varonis solidified the security approach and the best practices that we’ve been following. With DatAdvantage, we can quickly audit, report and review our security. Now we’re taking the next step, which is to eliminate some menial tasks of granting and revoking access. From the cloud side, Varonis DatAnywhere gives us a secure and flexible solution for file sync and sharing. It was a very easy and fast to set up – we spent a couple hours with a Varonis engineer, who got it all configured and squared away.

The Challenge

While reviewing the file sharing requirements of ATMI’s 800 employees, the IT department identified over 100 who needed an alternative to public cloud-based services to send files and emails to customers and vendors. Some would have even preferred to use these cloud-based sites to share files internally. ATMI’s IT department knew that uncontrolled cloud usage for corporate data would put the company’s sensitive data at risk and needed an alternative solution. They were also interested in cleaning up their file share repositories, increasing control and visibility over their data.

Evaluation Parameters

DatAnywhere

ATMI’s IT department set a deadline for themselves – by a certain date, they wanted to start using their own internal file sharing solution. The real concern was that if sensitive internal data ended up in the public cloud, there were real risks of data exposure or other security incidents. Like everyone else, the IT team had read about major security breaches in popular cloud file-locker services. ATMI wanted to bring the data in-house and enforce their own security policies rather than relying on a one-size-fits-all service level agreement or SLA. During the DatAnywhere evaluation, they designated a file server from which ATMI employees would be able to access, sync and share data.

DatAdvantage

For several years, ATMI investigated different solutions to help organize their file systems. They wanted a solution that would be able to help them:

  • clean up the permissions on their data
  • identify who had access to data
  • identify sensitive data
  • identify stale data so they could migrate it to cheaper storage

Employees often accidentally moved or deleted important files, and the IT team didn’t have a way to track which files were deleted, where they were moved, or easily restore them to their original locations. Moreover, ATMI wanted to further reduce the risk of employees leaving the organization with company files, and IT was searching for additional controls to prevent potential IP loss.

The Solution

Cloud-style file sharing using existing, internal file shares

Delighted with DatAnywhere’s capabilities, Preston Butler, Director of IT Infrastructure said, “With DatAnywhere, the IT department now controls the data that sits on our servers, and we have full access to it, so if it does get hacked internally, it really is our fault and we have control over that.” End-user reactions to DatAnywhere have also been positive, Preston continued, “I think they have accepted it because they understand the security risks and we’ve been communicating to them for a long time now, so it wasn’t something that we didn’t tell them and they came in on Monday and it happened. We’ve been working with specific groups and are able to pull reports to pinpoint any people who use other, unsanctioned file sharing applications. So it’s been pretty successful; I haven’t heard any uproar at all.”

Monitoring Access and Identifying Data Owners with DatAdvantage

With DatAdvantage’s auditing capability, ATMI is able to monitor user and file access. What’s more, DatAdvantage can extend the logging capability to provide further insights about data use such as identifying data owners. By doing so, data owners can be designated as the person responsible for their data. Reports can be regularly sent to the data owner, such as who has access to their data and who is accessing their data. Also, when a data owner leaves the company, the IT team can easily identify and assign a new one. Because all their data is monitored with DatAdvantage, they’ve been able to identify and clean up stale data. With the information about file access activity collected by DatAdvantage, the IT admins know which files are no longer needed. They remove or archive stale data, ultimately freeing up space on the file servers. Another benefit for ATMI is group consolidation. With DatAdvantage, IT is able to see who assigned permission to folders, who is in each group, and can organize the users into a smaller number of groups. Because DatAdvantage has so many capabilities, ATMI believes they’ve only scratched the surface. What’s next for ATMI’s IT team? They’re already planning to use the DatAdvantage reports to help them with their SOX compliance.

Business Benefits

Data Security

With DatAdvantage and DatAnywhere, ATMI’s IT group feels confident that the data is secure on the network and that access is controlled and audited.

Data owners are accountable for their own data

As data owners are identified, they receive automated reports about their data and permissions, ensuring that the data is in the right hands.