Options, global provider of infrastructure as a service (IaaS) products to the financial services sector, has chosen data permission and auditing solutions from Varonis to protect its clients.
Options has over 130 financial services clients around the world and needed to reassure them that, as an outsourced IT provider, it had the right technology in place.
Each of Options’ clients has its own dedicated virtual NAS servers and its own file permissions. These number hundreds of servers globally, with hundreds of terabytes of data. Options has deployed Varonis DatAdvantage to monitor and report on them.
“Our customers needed to know that no-one was changing their file permissions or accessing files behind the scenes,” commented John Bryant, CTO of Options. “Clients needed to be confident that when they requested a change it was being done appropriately, that only changes the clients were sanctioning were going through on the platform and only authorised changes were being applied to the system.”
David Gibson, VP at Varonis, said data protection is necessary to safeguard any businesses’ customers, employees, business partners and investors, and particularly within the business environment Options operates in, the financial services industry. “It is vital for maintaining the organisational trust.”
This is what the Varonis DatAdvantage solution offered, with a metadata framework that able to handle a fast growing volume of users. “Most of our customers operate within a highly-regulated environment, and needed to show their investors they have partnered with the right IT firm,” added Bryant.
Gibson said DatAdvantage not only provides a complete, bi-directional view into the permissions structure of unstructured and semi-structured file systems, but a complete audit trail of who is accessing data and changing permissions. It also features recommendations and modelling, and data ownership identification in its extensible framework.
Options is using DatAdvantage to replace previously scripted reports and will allow for the generation of additional automated reports in the future. “DatAdvantage also lets us perform ‘what if’ scenarios which we could not do before. Now, our support desk can assess the impact of a change before it happens, and ensure changes are correctly applied,” explained Bryant.
“Before Varonis came on board, reporting was a time consuming and onerous process,” said Bryant. “It was a manual effort that required engineers with scripting knowledge.”
Varonis allows Options to avoid degrading performance while still offering the same visibility of access activity and change. DatAdvantage aggregates Active Directory user and group details, ACL information and all data access events, without the need for native OS auditing. This allows clients to build a complete picture of who can and who is accessing data, and who should have their access revoked, ensuring that only the right people have access to the right data at all times, all use is monitored, and abuse is flagged.
“Everyone talks about intrusion prevention, but actually, the vast majority of attacks happen from within your own four walls, by one of your own employees,” said Bryant.
DatAdvantage has allowed Options to add to its portfolio of services, to give clients true transparency. Clients can now see permissions and activity on their own file shares, and see that nothing untoward is happening, he concluded.
For the full Varonis case study on Options, visit http://www.varonis.com/customers. To find out more about Varonis and DatAdvantage, visit www.varonis.com.
About Varonis
Varonis is the foremost innovator and provider of access, governance, and retention solutions for human-generated data, the fastest-growing and most sensitive class of digital information. Based on patented technology and a highly accurate analytics engine, Varonis solutions give organisations total visibility and control over their data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged.
Varonis makes digital collaboration secure, effortless and efficient so that people can create and share content easily, and organisations can extract more value from their content while being confident that it is protected and managed efficiently.
Voted one of the “Fast 50 Reader Favorites” on FastCompany.com, and winner of the SC Magazine Innovation, Product or Service of the Year, and Best Network Security Awards, Varonis has more than 5,000 installations worldwide and is headquartered in New York, with regional offices in Europe and Asia.
Varonis, the Varonis logo, DatAdvantage®, DataPrivilege® and the IDU Classification Framework® are registered trademarks of Varonis® Systems in the United States and/or other countries and Metadata Framework™, DatAnywhere™, and Data Transport Engine™ are under a registration process in the United States and/or other countries. All other product and company names and marks mentioned in this document are the property of their respective owners and are mentioned for identification purposes only.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.