RSS Alerts

Share

More services

Related Links

  • Varonis Systems
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

Top 5 Stories

News

Infosecurity Europe 2010: Varonis explains need for unstructured data governance

28 April 2010

Most organisations are more than a little worried about the increased penalties that the Information Commissioner's Office is threatening for those that lose their data. So, against this backdrop, Infosecurity sat down with David Gibson, director of technical services with Varonis, a US data governance company, at the Infosecurity Europe show.

According to Gibson, who has been in the IT industry for more than 15 years, whilst conventional IT data audit software logs data accesses and who does what with structured data in most organisations, it is the unstructured data that companies should be concerned about. Unstructured data has no commonly used access log, and permissions are managed manually.

Unstructured data, he argues, is potentially the source of a data leak in many businesses, for the simple reason that it tends to be stored but not fully audited. And if you can't audit the data, he says, you cannot determine what data is sensitive, who’s accessing this data and what they’re doing with the data.”

Varonis' approach to this issue has been to develop an Intelligent Data Use (IDU) framework within the Varonis Data Governance Suite , which is billed as identifying who’s accessing data -- producing actionable results much faster than conventional data classification systems by uniting data classification technology with a layer of meta-data to guide searches for files containing sensitive information.

Instead of looking at every file in a linear manner, the Varonis IDU data classification framework uses its meta-data layer to determine which data has changed, is most frequently accessed – or at greatest risk – and then prioritises its searches for sensitive data starting at that point.

Thanks to this, the company claims that its meta-data layer approach provides critical context and intelligence about who can access certain data, who has accessed it, who the data owners are and whose access should be revoked.

This context, the firm says, allows businesses to hone-in on sensitive information that is most at risk – or most relevant – and take immediate action.

Varonis was founded at the start of 2005 by Israeli network security specialists Yaki Faitelson and Ohad Korkus, who made the interesting observation that most organisations' access to data is fundamentally flawed.

Gibson told Infosecurity that data volumes in most companies are growing at the rate of 650% every five years with 80% of these data volumes being unstructured and there are a growing number of regulatory requirements that organisations must abide by, including PCI, Sarbanes Oxley and the Data Protection Act.

"We are unique in the data governance space. We audit exactly what happens to data in a business – who shares data, whether they have permissions, who is accessing the data and what context that data is being accessed for", he said.

Today, Varonis has over 625 data governance customers with more than 1650 installations worldwide, increasing at the rate of 30+ businesses every week, he added.

These organisations include the Conde Nast publishing organisation and major healthcare plus retail companies.

This article is featured in:
Compliance and Policy  • Data Loss

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012