1 / 40

Bring your own service

Bring your own service. The Effects of Cloud Services on Compliance and Data Protection. About Varonis. Founded in 2004 , started operations in 2005 Over 1800 Customers Over 4500 installations Offices on 6 continents

yehuda
Download Presentation

Bring your own service

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Bring your own service The Effects of Cloud Services on Compliance and Data Protection

  2. About Varonis • Founded in 2004, started operations in 2005 • Over 1800 Customers • Over 4500 installations • Offices on 6 continents Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their unstructured data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged.

  3. BRING YOUR OWN DEVICE

  4. BRING YOUR OWN SERVICE

  5. Example: Cloud File Sharing Explosion • Public cloud file sharing has exploded • As of November 2012, Dropbox claimed to have 100,000,000 customers

  6. Why do people love Dropbox? • It’s easy! • You have a folder • You put stuff in it • It syncs • With allyour devices • With the people you want to share with • Services like this make BYOD work • …but does BYOS work for business?

  7. Hey boss, can I use Dropbox?

  8. No.=(

  9. Varonis BYOS Survey Results of companies currently do not allow cloud-based file synchronization of companies are satisfied with the controls that cloud-based file sync services have in place of companies are not satisfied but are going ahead anyway

  10. Access rights and Authorization • Why not? worried about maintaining correct access rights and authorization

  11. Authentication • Why not? worried about authentication

  12. Auditing & Data Loss • Why not? worried about data loss or auditing access activity

  13. Feared Consequences Downtime Loss of productivity Compliance violations Data theft

  14. So, will you ever allow Dropbox? IT plans to allow cloud-based file sync No Yes

  15. Too bad! We’re using them anyway 1 in 5 employees already use Dropbox for work! Source: Nasunihttp://www6.nasuni.com/shadow-it-2012.html

  16. Doing nothing means we’ll lose control

  17. What if… …you could manage them in the same way you can manage internal resources? Yes No

  18. Let’s Have our cake and eat it, too • Give users what they want: • Simplicity • Accessibility • Mobile support • Give organizations what they need: • Control • Compliance • Security

  19. What are the options?

  20. Cloud To the cloud!

  21. Do you have an existing infrastructure? No Yes No Yes

  22. Controls in the Cloud • Data stored in the cloud is still subject to the same risks as internal data • According to the Information Commissioner’s Office (ICO), you’re still responsible for your data even if it’s stored in the cloud

  23. Don’t forget to pack… • Backup & recovery processes (BCP/DR) • Authorization processes (entitlement reviews, authorization workflows) • Retention & Disposition • Content inspection • Access auditing • Change management

  24. Internal Extend your existing infrastructure

  25. Do you have an existing infrastructure? No Yes

  26. What do we need? • We need to provide client for mobile devices and laptops • We need to provide file sync • We need to authenticate with Active Directory • We need to enforce existing permissions • We need to coexist with all the internal controls we mentioned before (backup, classification, etc.) • Would be ideal to be able to have everything contained in our own infrastructure

  27. Varonis DatAnywhere Provide cloud usability using only existing infrastructure: • There’s a folder • You put stuff in it • It syncs… • With your existing storage (NAS, file servers) • Using Active Directory credentials • Using your existing file system permissions

  28. Step 1: Login Login with your domain credentials (Active Directory) and/or multi-factor authentication

  29. Step 2: Collaborate Your sync’d folders appear in explorer Changes sync to your CIFS servers

  30. See Sync Speeds and Notifications

  31. Mobile Apps

  32. Right Click for Instant Extra-net

  33. Secure Collaboration with 3rd Parties Set permissions and expiration dates. Share with partners, customers, vendors, and clients. Set permissions and expiration dates. Share with partners, customers, vendors, and clients.

  34. DatAnywhere Architecture Windows Mac Smart Phone Tablet Sync Manager Sync Worker DN Edge server Windows File Systems CIFS HTTPS NAS DN Edge server Sync Manager Sync Worker Client authorization DatAnywhere Client MS Active Directory

  35. One more thing…

  36. Integrates with Data Governance Suite • Use DatAdvantage to manage permissions • Use DataPrivilege to automate authorization • DatAnywhere activity is recorded by DatAdvantage

  37. Summary • Cloud-style sharing and BYOD may be inevitable • Organizations must choose a direction before the employees choose one for them • Organizations have a choice between moving data to the cloud, or extending their existing infrastructure to provide cloud-style capabilities in-house • Whichever direction your organization chooses, governance will be instrumental for secure collaboration

  38. Varonis Solutions GOVERNANCE Ensure that only the right people has access to the right data at all times, access is monitored and abuse is flagged. ACCESS Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing. RETENTION Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework

  39. Thank You

More Related