On March 7, 2012 Varonis and an Independent Research Firm will present a new approach to DLP that leverages enterprise context awareness.
London: Varonis Systems Inc., the leading provider of comprehensive data governance software has identified a critical missing component to traditional DLP processes - enterprise context awareness – i.e., knowledge of who owns the data, who uses the data, and who should and shouldn’t have access to the data. Traditional DLP solutions that focus on endpoint and network protections commonly fail to fully protect critical data because they focus on symptomatic, perimeter-level solutions instead of addressing a much deeper problem — the fact that users have inappropriate or excessive rights to sensitive information. “For DLP technology to be successful, you must inventory and classify all of your sensitive data and understand your information flows,” advises Forrester. “This is hard to do if you have hundreds, possibly thousands, of terabytes of unstructured data[1].
“Think of it this way, the network and endpoint DLP solutions are like security guards that detain every single patron as they try to leave the bank with cash in hand, without any clues to help sort out the criminals from the customers.” said David Gibson, Director of Strategy for Varonis. “Server DLP dutifully points out that there is a lot of money in the bank, stored in a lot of places but what’s needed is intelligence and automation for the tellers, empowering them to correctly and efficiently govern the dissemination of cash.”
Managing and protecting sensitive information requires an ongoing, repeatable process. The analyst firm Forrester refers to this as protecting information consistently with identity context (PICWIC).
The key to providing the necessary context lies in metadata: To collect and analyze required metadata non-intrusively, to automate workflows and auto-generate reports, and have a reliable operational plan to follow. With the recent advancements in metadata technology, data governance software is providing organizations with the ability to improve DLP implementations by not only automating the process of identifying sensitive data, but also simultaneously showing who has access to it, where it is exposed, what data is in use and who is using it – i.e. provide the needed context for comprehensive DLP.
To see a live demonstration of this new approach to DLP, join Varonis and guest Forrester on March 7 at 1pm ET for a webinar: Enhancing Data Protection with Strong Identity Context
The webinar will show attendees how to leverage enterprise data context for comprehensive data loss prevention. The live webinar will feature David Gibson, Director of Strategy for Varonis and Forrester Principal Analyst Andras Cser, who will discuss:
• Why data breaches matter
• Why DLP and ERM Don’t work on their own
• PICWIC Best Practices (Protecting Information with Identity Context)
• Recommendations for accelerating Data Protection
• Leveraging metadata for enterprise data context
ABOUT THE VARONIS METADATA FRAMEWORK
Four types of metadata are critical for data governance:
• User and Group Information – from Active Directory, LDAP, NAS, SharePoint, etc.
• Permissions and File System Information – knowing who can access what data in which containers
• Access Activity – knowing which users do access what data, when and what they’ve done
• Sensitive Content Indicators – knowing which files contain items of sensitivity and importance,and where they reside.