Union Bank UK PLC

How Varonis helps keep Union Bank’s data safe from insider threats and external attacks.




The Customer

Location: London, U.K.

Industry: Financial Services

Products: DatAdvantage for Windows, DatAdvantage for Exchange, DatAdvantage for Directory Services, and DatAlert

London-based Union Bank UK plc is a wholly owned subsidiary of the Union Bank of Nigeria plc, one of the oldest and most respected banks in West Africa.

UnionBank

Before Varonis we had no real view of what was happening on the file servers or changes happening on a day-to-day basis. We can’t afford to spend a large amount of time sifting through logs – we need to stay focused on day-to-day tasks and therefore needed a more efficient approach. It was obvious straight away that Varonis could give us the automated, efficient approach we were looking for. Thanks to Varonis, IT now has better insight into the bank’s data, and that of course reduces security risk, which is something which you can’t always put a price on.

– David Pennant – IT Manager, Union Bank UK

Business Requirements

Visibility into Active Directory, Windows files servers, and Exchange: The bank’s IT team wanted to be able to track changes to the Active Directory as well as file server activity to see if data was being deleted, and who had accessed which data on any particular day.

Enable Compliance: The bank must be prepared to answer questions from auditors such as who had been able to access information on any given day.

Easy Management of Data Access and Permissions: With a small IT team, Union Bank wanted to be able to spend as little time as possible on getting a complete security picture without having to manually trawl through logs.

Prevent Insider Threats: The bank wanted a solution that could monitor and alert on broken permissions and insider activity such as mass file deletions.

Get Ahead of Potential Data Breaches: Malware and ransomware are on the rise, so the financial services firm required a solution that could quickly alert the IT staff to unusual file access behavior, like rapid encryption of files stored on its servers.

The Varonis Solution

The search for a solution to address these requirements led Union Bank’s IT team to Varonis Systems, Inc. and its DatAdvantage and DatAlert solutions. Union Bank’s IT team is now alerted in real-time to any breach of its file systems, and they’re able to put control over file access in the hands of data owners eliminating much of the burden previously placed on their team. They are also able to run fast reports that help them keep an eye on these access privileges and ensure that no one is getting access to data that they do not need.

Visibility Crucial to Improving Security, Ensuring Compliance

Varonis DatAdvantage makes it easy to see from a single interface who can and who does what in the bank’s Windows, Exchange, and Active Directory environments by tracking and monitoring file activity. Union Bank can intelligently identify and govern who owns and can access which data, can report on activity and alert on unusual activity through DatAlert, which uses user behaviour analytics to spot insider threats like abusive administrators, ransomware, compromised accounts, and rogue employees. Keeping files secure when employees decide to leave the company was another important capability identified by Union Bank. Varonis allows the bank to monitor and baseline employees’ access profiles and detect if any files had been copied or moved leading up to their departure.

According to David Pennant, IT Manager at Union Bank, “Varonis DatAdvantage takes away the guesswork and allows us to easily set up rules and get reports on changes to files and folders. If we have an auditor come in, we don’t need to worry because we know that with Varonis, any question the auditor might have can be answered.”

Pennant continued, “We wanted to be able to track changes to Active Directory and file servers – if the data was being deleted, who’d accessed what on a particular day. That wasn’t easy to do without Varonis. Now thanks to DatAdvantage it’s very straightforward.”

He added, “It was like spring cleaning. Once we started with Varonis, it quickly became addictive because it was so simple to do. Now we can very easily see who owns which folders and who can access them. We’re able to flag any that need remediation and then go back and carry out the fixes later if need be.”

Other DatAdvantage features that appealed to Union Bank’s IT team included:

  • DatAdvantage is one platform that covers all systems as a whole and not in disparate places. With other products, Pennant found they either covered Active Directory or Exchange, but not together.
  • With DatAdvantage, Union Bank can intelligently identify and govern who owns and can access which data, create alerts, and report on activity.
  • DatAdvantage combines user and group information taken directly from Active Directory with the permissions metadata on their file systems to deliver a complete picture of the organisation’s access control landscape.
  • Using this intelligence, DatAdvantage can automatically highlight users and groups that are inactive, redundant, or unnecessary, and highlight areas where permissions can be safely reduced. This allows Union Bank to quickly troubleshoot problems, reduce risk, and answer questions about who can access data.
  • DatAdvantage monitors every touch of every file on the file system, normalizes, processes, and stores them so that they are quickly sortable and searchable. Detailed information for every file event is provided, and all data can be reported on and provided to data owners.

Results

The Varonis solutions have helped Union Bank significantly reduce the time it takes for the IT team to find out who is accessing, using, and deleting information from its Windows and Exchange environments. This not only helps improve security, but it also decreases the time it takes to conduct internal audits and create reports.

Pennant reported, “Varonis DatAdvantage takes away the guesswork and allows us to easily set up rules and get reports on changes to files and folders. If we have an auditor come in, we don’t need to worry because we know that with Varonis, any question the auditor might have can be answered.”

Pennant also said that to try and tidy up file shares and Active Directory without Varonis “would have taken a lot of time” and that he can more easily answer questions from executives about emails being sent or opened, which can be complicated to do in Exchange.

Before Varonis we had no real view of what was happening on the file servers or changes happening on a day-to-day basis. We can’t afford to spend a large amount of time sifting through logs – we need to stay focused on day-to-day tasks and therefore needed a more efficient approach. It was obvious straight away that Varonis could give us the automated, efficient approach we were looking for. Thanks to Varonis, IT now has better insight into the bank’s data, and that of course reduces security risk, which is something which you can’t always put a price on,” concluded Pennant. 

***

Varonis Risk Assessments quickly show you where your most vulnerable data is stored, who is accessing it, and what needs to be done to secure it. Find out more here.