Varonis Data Security Platform Overview


Data Security

Platform Overview

Prepared for: SSI (Davao)


Varonis is the leader in data security.

“Varonis is a top choice for organizations prioritizing deep data visibility, classification capabilities, and automated remediation for data access.”
– Forrester Wave™: Data Security Platforms, Q1 2023

Rated #1 in two markets.
○ Founded in 2005
○ IPO in 2014 (Nasdaq: VRNS)
○ More than 7,000 customers
○ >90% customer renewal rate

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.


Varonis protects your data where it lives

In the cloud and on-prem

…and watches how it’s accessed

Azure AD AD



Data is out of control

“First, they don’t know what data they have, where it lives, or where it came from and so unsurprisingly, they can’t protect it. That leads to the second problem: employees need to have too much access to too much data on too many systems.”
-- Former Twitter CISO



We see it everywhere…

○ 4,468 user accounts without MFA
○ 33 super admin accounts
○ 150,648 sensitive records exposed



Enterprise Data Governance (Over-Simplified)

Why Data Governance?

1 To ‘Find it’.
2 To ‘Use it’.
3 To ‘Restrict it’.
4 To ‘Watch it’.
5 To ‘Keep it’ ( … or ‘Delete it’ ).

Desired Target State

○ Important data is classified and tagged correctly, stored in an appropriate location, and properly secured.
○ Operational controls are in place to consistently apply and enforce data governance policies.
○ Auditing and reporting is in place to prove compliance and adherence to policies.
○ Automation is in place, providing operational oversight, threat detection and exception management.
○ The data governance program can be maintained without overwhelming users or program administrators.



We help organizations answer these questions

Which folders/files contain critical/sensitive information?


Compliance e.g. PCI, DPA, HIPAA, etc.

Which data is exposed to too many people? Exposed to public?

Who has access to files, folders, mailboxes?

Who is accessing, modifying, moving, deleting files and email?

How do I detect threats (Ransomware, abuse, stolen credentials)?

Who owns data and how do I get them involved?

What data isn’t being used?



Varonis: security that starts with data
[Diagram] Columns: Data, Apps, Infrastructure | Analytics & Automation | Outcomes
Labels: Cloud; On-prem; Visibility; Sensitivity; Permissions; Activity; Data Protection; Threat Detection & Response; Simplified Compliance



Slide Demo



Visibility: What do we mean by sensitive?



Visibility: Who has access to sensitive data?



Visibility: Where do we have risk on prem & in the cloud?



Visibility: How easily can I drill down on that risk?



Visibility: Who is using sensitive data?



Remediation: Automatically Reduce Exposures

○ Safe remediation for
  ○ Links that expose sensitive data
  ○ Stale links & membership
  ○ Stale permissions
○ OOTB policies that combine permissions, usage and sensitivity
○ Execute automatically or with an approval flow
○ Run continually or in a change window


Data-Centric Alerts

Amy Johnson | Potential threat
Executive | Executive
Works from device aj-03154 | Logging in from a new device
US-based IP address | Atypical geolocation
Behaves like other marketing executives | Behaving unlike her peers
Usually accesses 10–15 documents a day | Accessing an abnormal amount of data
Typically works between 8–6 p.m. ET | During typical working hours

Alert: Our threat models alert on meaningful deviations & trigger a response.


Automation: Threat Detection & Response

But you don’t have to manage alerts.

Our experts will call you proactively to prevent incidents from becoming breaches.



How we start: free risk assessment

○ Map key data stores
  ○ Analyze permissions & configurations
  ○ Classify data
  ○ Capture activity
○ Prioritize risks
  ○ Concentrations of exposed, sensitive data
  ○ Open shares, sites, applications
  ○ Active Directory & SaaS configuration risks
  ○ Stale data
○ Monitor data usage
  ○ Enable meaningful, high-fidelity alerts
  ○ Accelerate investigations



What do we need?

○ 1 Windows VM (collector)
  ○ Windows Server 2019/2022
  ○ 250 GB on C:\
  ○ 16 GB RAM minimum
  ○ 8-core, 2 GHz or better CPU
○ Accounts & libraries (see requirements sheet)
○ 1-2 hours



Thank you



Positioning Varonis with the Enterprise Security Ecosystem

[Diagram]
Data sources: SalesForce, Amazon S3, Google Drive, Box, Teams, SharePoint Online, OneDrive, Windows File Shares, Network-attached storage, Personal Drives, SharePoint
Varonis Platform: Classification, Business Data Categories, Reporting, Alerting, Policy and Process Definition, Automation
Ecosystem functions:
○ Data Loss Prevention (MIP integration)
○ Data Governance (Retention and disposition)
○ Privacy by Design (Enterprise security)
○ Exception Management (Compliance)
○ Threat Detection and Response (SoC / SIEM integration)
○ Incident Investigation and Forensics
○ Automated Response (Help Desk integration and reactive remediation)
○ Data Ownership / Stewardship (User self-service)
○ Policy-based Remediation (User self-service)
