Varonis Systems Inc., the foremost provider of comprehensive data governance software, yesterday announced the findings of a Technology Spotlight issued by analyst firm IDC, which outlines the emergence of metadata framework technology as a now critical component for managing and securing unstructured and semi-structured data within an organization.
The report, titled “Leveraging Metadata Framework Technology to Take Control of the Information Explosion,” highlights how the widespread use of collaborative content technologies is fueling the aggressive growth of unstructured and semi-structured data. While collaboration produces highly valuable information, it also introduces significant risk due to increasingly complex and dynamic access control requirements.
“Digital integrity is a critical business differentiator for any organization. The high-profile data breaches in the last three years demonstrate that organizations who fail to protect sensitive data will incur serious regulatory and legal liabilities, along with revenue and market share declines,” said Vivian Tero, program director, Governance, Risk & Compliance Infrastructure at IDC. “Visibility, actionable intelligence and automation are critical to managing the explosion of unstructured and semi-structured content in distributed systems.”
Varonis Metadata Framework technology is designed to nonintrusively collect critical metadata about unstructured and semi-structured data. Varonis customers have the ability to completely standardize unstructured and semi-structured data protection and management for their file systems, NAS, SharePoint Sites and Exchange mailboxes and public folders with the Varonis Metadata Framework technology that forms the foundation of Varonis software. Organizations can effectively and automatically manage data access control, ownership, classification, entitlements and authorization processes on the platforms that host unstructured and semi-structured data. The Varonis Metadata Framework enables organizations to expand digital collaboration boundaries safely while at the same time significantly increase IT workforce productivity for daily data protection and management tasks.
“The findings of this technology spotlight underscore the need for organizations to have metadata framework technology in place that automates the process of answering the following questions: Who has access to data, who is using their access, who shouldn't have access, who owns the data, and what data is sensitive?’” said Yaki Faitelson, chief executive officer, president and co-founder of Varonis Systems. “With IT departments already stretched thin, the days of manually verifying data entitlements and remediating compliance violations are not only impractical and time consuming, but also detrimental to a company’s bottom line.”
IDC forecasts that the total digital universe volume will increase by a factor of 44 in 2020. According to the report, unstructured data and metadata have an average annual growth rate of 62 percent. More importantly, high-value information is also skyrocketing. In 2008, IDC found that 22 to 33 percent of the digital universe was high-value information (data and content that are governed by security, compliance and preservation obligations). Today, IDC forecasts that high-value information will comprise close to 50 percent of the digital universe by the end of 2020.
Drivers for a metadata framework include:
Data loss is rising: IDC research notes that organizations average 14.4 unintentional data losses a year, mostly through employee negligence. Organizations need to ensure that controls are in place to mitigate the risks of data leakage, theft, loss and integrity arising from excessive access rights and permissions and non-existent audit trails. Excessive and/or out of date privilege and access rights were considered as having the most financial impact on the organization.
IT is drowning in the data deluge: IT budgets are, on average, growing at less than one-fifth the forecasted annual growth rates of digital information, according to IDC. At the same time, manual approaches to managing and protecting information have become unwieldy, error-prone and ineffective. IT needs automated analysis of the permissions structure to determine which containers require ownership, and analysis of actual access activity to identify likely data owners.
Stale data impacts the bottom line: Inactive and orphaned folders can be as high as 70 to 85 percent of the data in distributed systems. The majority of organizations have no process to identify the owner of files, and many are unable to determine which individuals and roles are authorized to access the data.
Impact on the cloud: Without adequate information on the security and compliance profile of the data – including data ownership, access controls, audits and classification – cloud computing initiatives are amorphous and imprecise. CFOs and CIOs will be hesitant to move critical data and processes into the cloud without visibility on access and ownership, traceability and data segregation.
Automation is key to success: Too often, users have access to significant amounts of data that isn’t relevant to them. Organizations therefore need to ensure that users and roles are aligned to correct groups, and that these groups enable access to the appropriate data containers.