420 likes | 527 Views
Bring your own service. The Effects of Cloud Services on Compliance and Data Protection. About varonis. Founded in 2004 , started operations in 2005 Over 1800 Customers Over 4500 installations Offices on 6 continents
E N D
Bring your own service The Effects of Cloud Services on Compliance and Data Protection Varonis Systems. Proprietary and confidential.
About varonis • Founded in 2004, started operations in 2005 • Over 1800 Customers • Over 4500 installations • Offices on 6 continents Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their unstructured data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged. Varonis Systems. Proprietary and confidential.
Example: Cloud File Sharing Explosion • Public cloud file sharing has exploded • As of November 2012, Dropbox claimed to have 100,000,000 customers Varonis Systems. Proprietary and confidential.
Why do people love Dropbox? • It’s easy! • You have a folder • You put stuff in it • It syncs • With allyour devices • With the people you want to share with • Services like this make BYOD work • …but does BYOS work for business? Varonis Systems. Proprietary and confidential.
Hey boss, can I use Dropbox? Varonis Systems. Proprietary and confidential.
No.=( Varonis Systems. Proprietary and confidential.
Varonis BYOS Survey Results of companies currently do not allow cloud-based file synchronization of companies are satisfied with the controls that cloud-based file sync services have in place of companies are not satisfied but are going ahead anyway Varonis Systems. Proprietary and confidential.
Access rights and Authorization • Why not? worried about maintaining correct access rights and authorization Varonis Systems. Proprietary and confidential.
Authentication • Why not? worried about authentication Varonis Systems. Proprietary and confidential.
Auditing & Data Loss • Why not? worried about data loss or auditing access activity Varonis Systems. Proprietary and confidential.
FEARED Consequences Downtime Loss of productivity Compliance violations Data theft Varonis Systems. Proprietary and confidential.
So, will you ever allow Dropbox? IT plans to allow cloud-based file sync No Yes Varonis Systems. Proprietary and confidential.
Too bad! We’re using them anyway 1 in 5 employees already use Dropbox for work! Source: Nasunihttp://www6.nasuni.com/shadow-it-2012.html Varonis Systems. Proprietary and confidential.
Doing nothing means we’ll lose control Varonis Systems. Proprietary and confidential.
What if… …you could manage them in the same way you can manage internal resources? Yes No Varonis Systems. Proprietary and confidential.
Let’s Have our cake and eat it, too • Give users what they want: • Simplicity • Accessibility • Mobile support • Give organizations what they need: • Control • Compliance • Security Varonis Systems. Proprietary and confidential.
How do we do this? Varonis Systems. Proprietary and confidential.
What are the options? Varonis Systems. Proprietary and confidential.
Cloud To the cloud! Varonis Systems. Proprietary and confidential.
Do you have an existing infrastructure? No Yes No Yes Varonis Systems. Proprietary and confidential.
Controls in the Cloud • Data stored in the cloud is still subject to the same risks as internal data • According to the Information Commissioner’s Office (ICO), you’re still responsible for your data even if it’s stored in the cloud Varonis Systems. Proprietary and confidential.
Don’t forget to pack… • Backup & recovery processes (BCP/DR) • Authorization processes (entitlement reviews, authorization workflows) • Retention & Disposition • Content inspection • Access auditing • Change management Varonis Systems. Proprietary and confidential.
Internal Extend your existing infrastructure Varonis Systems. Proprietary and confidential.
Do you have an existing infrastructure? No Yes Varonis Systems. Proprietary and confidential.
What do we need? • We need to provide client for mobile devices and laptops • We need to provide file sync • We need to authenticate with Active Directory • We need to enforce existing permissions • We need to coexist with all the internal controls we mentioned before (backup, classification, etc.) • Would be ideal to be able to have everything contained in our own infrastructure Varonis Systems. Proprietary and confidential.
Varonis DatAnywhere Provide cloud usability using only existing infrastructure: • There’s a folder • You put stuff in it • It syncs… • With your existing storage (NAS, file servers) • Using Active Directory credentials • Using your existing file system permissions Varonis Systems. Proprietary and confidential.
Step 1: Login Login with your domain credentials (Active Directory) and/or multi-factor authentication Varonis Systems. Proprietary and confidential.
Step 2: Collaborate Your sync’d folders appear in explorer Changes sync to your CIFS servers Varonis Systems. Proprietary and confidential.
See Sync Speeds and Notifications Varonis Systems. Proprietary and confidential.
Mobile Apps Varonis Systems. Proprietary and confidential.
Right click for instant Extra-net Varonis Systems. Proprietary and confidential.
Secure Collaboration with 3rd Parties Set permissions and expiration dates. Share with partners, customers, vendors, and clients. Varonis Systems. Proprietary and confidential.
DatAnywhere Architecture Windows Mac Smart Phone Tablet Sync Manager Sync Worker DN Edge server Windows File Systems CIFS HTTPS NAS DN Edge server Sync Manager Sync Worker Client authorization DatAnywhere Client MS Active Directory Varonis Systems. Proprietary and confidential.
One more thing… Varonis Systems. Proprietary and confidential.
Integrates with Data Governance Suite • Use DatAdvantage to manage permissions • Use DataPrivilege to automate authorization • DatAnywhere activity is recorded by DatAdvantage Varonis Systems. Proprietary and confidential.
Summary • Cloud-style sharing and BYOD may be inevitable • Organizations must choose a direction before the employees choose one for them • Organizations have a choice between moving data to the cloud, or extending their existing infrastructure to provide cloud-style capabilities in-house • Whichever direction your organization chooses, governance will be instrumental for secure collaboration Varonis Systems. Proprietary and confidential.
Varonis Solutions GOVERNANCE Ensure that only the right people has access to the right data at all times, access is monitored and abuse is flagged. ACCESS Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing. RETENTION Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework
Thank you Varonis Systems. Proprietary and confidential.