Information Social Access Mapping: Who is doing what with data?

Slides:



Advertisements
Similar presentations
File Server Organization and Best Practices IT Partners June, 02, 2010.
Advertisements

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
HP Quality Center Overview.
Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.
Microsoft Ignite /17/2017 2:11 PM
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
ELIMINATING DATA SECURITY THREATS Presented by: Michael Hartman Varonis Systems. Proprietary and confidential.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models
Welcome to the Exchange 2013 Webcast Archiving, eDiscovery, & Data Loss Prevention.
Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.
Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.
HIPAA COMPLIANCE WITH DELL
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Module 9 Configuring Messaging Policy and Compliance.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Module 9 Configuring Messaging Policy and Compliance.
Ankur Kothari Microsoft Corporation. In-Place Archive with secondary quota Access documents with SkyDrive Pro Site Mailboxes enable better collaboration.
Security and the Questions Business Users should be asking the Techies.
NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00.
Coding Compliance Components Writing Custom Policies for Auditing, Expiration and More Jason Morrill Program Manager Windows SharePoint Services.
PCI-DSS: Guidelines & Procedures When Working With Sensitive Data.
What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.
Agile Information Lifecycle: A Customer Journey March 2016 Dan Jennings Veritas Partner Technical Account Manager +44 (0) Veritas Technologies.
CLOUD VIRTUALIZATION MLArchiver for vCloud Air Archiving | eDiscovery | Records Management | Analytics Stephen Catanzano August.
“ Unleash the power of trusted collaboration” PortalTalk is a ready-made and complete solution for trusted collaboration in the cloud. It seamlessly integrates.
Easy way to check if you have large Folders or Files Another way to check if you have large Folders or Files Deleting Files and Folders Flexible IT supporting.
Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.
Your Office 365 Journey Prepare, Migrate, and Operate with Barracuda
Secure your complete data lifecycle using Azure Information Protection
NON-COMPULSORY BRIEFING SESSION REQUEST FOR INFORMATION: ICT SECURITY SOLUTIONS RAF /2015/00019 Date: 29 September 2015 Time: 10:00.
Contract Lifecycle Management In the Disruptive Age
BIM 360 Glue Migration to BIM 360 Account Administration (HQ)
Streamline your HR document management processes
Brandon Botes #SPSJHB Records Management – Friend or Foe ???
Brandon Botes #SPSDBN Records Management – Friend or Foe ???
Reducing Cost and Risk During an Investigation
Identity Driven Security
Secure your complete data lifecycle using Azure Information Protection
Transforming IT Management
Introduction to Soonr by ….
Making Information Security Manageable with GRC
ForumPass Familiarization Demonstration
Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.
Threat Landscape for Data Security
Varonis Overview.
The Privacy Cycle A Five-Step Process to Improve Your Privacy Culture
Pack Your Park by Modernizing Your Business Online
11/16/2018 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Top 10 Tips for GDPR Compliance in Office 365
Brandon Botes #SPSJHB Records Management – Friend or Foe ???
A 5-minute overview of ADAudit Plus
Using the Cloud App Marketplace Monitoring cloud app migrations
Business Document Platform
HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.
Features Overview.
03 | Basic Admin Capabilities
Make it real: Help your customers comply with the GDPR
Comodo Dome Data Protection
Contract Management Software 100% Cloud-Based ContraxAware provides you with a deep set of easy to use contract management features.
SysKit Security Manager
Security in SharePoint and Teams with DLP, IRM, and AIP
{ How can your Business benefit from uniFLOW? }.
Presentation transcript:

Information Social Access Mapping: Who is doing what with data? Dan Jennings March 2016 Veritas Partner Technical Account Manager +44 (0)7590 003199 Veritas Technologies LLC   Office: +44 (0)7590 003199 Email address: dan.jennings@veritas.com

Information Ownership Identification Including Inferred Ownership

Identify Data Owners Anyone can do this bit. 3

Rule-based Inference of Data Owners with Custom Attribute Mapping This is far more difficult. Veritas has unique capability here. How many owners of information are “Root” or “Administrator”, or even people that have long left the organisation? Address that with inferred ownership 4

Tracking Users

Track User Activity for Investigations or Audit The Audit Log feature of Data Insight and how it delivers detailed usage information. To find out what Archie accessed and when he accessed it, the Data Insight user can [Click] click on Audit Logs to get detail down to the file level. On this screen, the Data Insight user has navigated to one of the files within the Patent folder after determining that Archie had accessed the patent folder. Data Insight is showing who accessed one of the .doc files in the Patent folder. You can infer from the graph that Archie was reading and writing this folder during the month of October, and below that you can see a detailed log by user of the activity on that file. Data Insight lets you sort the log by Read, Write, Create, Rename and Delete. The investigator now has the information they were looking for regarding who was accessing sensitive data – now they are interested in finding out why someone like Archie, who didn’t work in the legal department had access to that folder.

Archiving Integration Copyright © 2015 Symantec Corporation

Archive Orphan Folders DO - inactive/orphan data sets -> send automatically to EV - policy-based (types of files, age, owner) - EV FSA; SharePoint next Expiration policy: - ownership classification (data in HR category, Delete or move to the cloud Chargeback Symantec Propietary and Confidential SYMC CONFIDENTIAL

Archive by Type Another policy type to archive by. Layer the policies. Symantec Propietary and Confidential 9 9

Archive Custodian Data Symantec Propietary and Confidential 10 10

Archive for Retention Symantec Propietary and Confidential 11 11

Data Loss Prevention Integration Copyright © 2015 Symantec Corporation

Policies to Proactively Monitor Sensitive Data Usage Monitor activity to data Select folders or use DLP classification Alert if activity exceeds threshold Monitor activity of users Alert if user activity deviates from baseline Symantec Data Insight 4.0

Social Network Map: Secure Collaboration Clean up screenshots Detect outliers among users Reduce risk from excessive access permissions

Data Loss Prevention View: Incident and Data Owner Objective of Slide Explain the key benefit of Data Insight with an actual use scenario using a screen shot for illustration. Script Here’s an example of how you can use Data Owner ID to help clean up sensitive data as part of a Network Discover scan. Any time an file is found as part of a Network Discover scan, an incident snapshot is generated in Enforce. This incident snapshot captures all relevant information about an incident so it can be efficiently remediated. We’re looking at an incident snapshot that was generated from a Network Discover scan. This is an example of the type of scans many of our customers perform – they’re looking to find and clean up credit card data out on shared file systems in order to comply with PCI (Payment Card Industry – Data Security Standard ) rules. This incident violated the Credit Card detection rule that we had set up in Enforce. If you look at Incident Details over on the left side of the screen, you see a lot of useful information including where the file is located [Click] Name of the document [Click] File Owner [Click] and the name of the machine where it was found [Click] Notice that the file owner is listed as BUILTIN\Administrators – this is the information that’s been pulled from the file meta data and is pretty typical. Most files are owned by the Administrator – unfortunately, this does not reveal the real owner. That’s where Data Insight comes in. Notice on the right side of the screen in the Attributes section – you see in the lower section a datainsight section. When an incident is created, Enforce asks Data Insight to name the most frequent user of this file – multiple users can be listed and ordered in frequency of access. [Click] The data user or multiple data users are listed in the incident , and an AD user name is listed as the Data Owner. Now that the data owner can be positively identified, the next step is to begin remediation with Network Protect [Click] Remediation buttons for 1 Click Smart Responses– Save time and effort by creating a single command that combines multiple remediation responses and status changes that are specific to your company’s procedures and workflow to ensure consistent remediation for an incident type (“Escalate”, “Launch Investigation”, “Notify Manager” etc.) The benefit of Network Discover, Data Insight and Network Protect is that they enable organizations to quickly find exposed confidential data wherever it is stored, understand who owns the data , and take steps to notify the owner or fix it automatically. Discovery Questions/Competitive Traps What is your process to identify where all your unsecured, outdated or redundant data is stored and who owns it? Do you have an upcoming audit or compliance deadline? Trap: Finding data owner is key to fixing stored confidential data, and typically the meta data is not sufficient. You need a solution like Data Insight to identify ownership by usage. John Smith Data Insight Symantec Data Insight 4.0

Case Study Large Financial Services Company Remediates Open Shares Background Goals Data Insight Benefits Focus on securing unstructured data Where to start? How to remediate? NetApp, Windows, SharePoint (1PB+) Key benefit: Facilitate investigations for malicious activities Discover Open Shares, Review ownership/activity analysis to drive lockdown without disruption Prioritize DLP scans based on Open Shares report; Identify data owners Identify complex shares, data owners and active departments Identify hotspots or unusual spikes in activity; Data clean-up by type Reduce Open Shares Risk Sensitive Data Clean-up File Shares Consolidation Storage Remediation ok

Dan Jennings +44 (0)7590 003199 dan.jennings@veritas.com

Strategy for Information Management 1 Discover 2 Report and Recommend 3 Execute Policy – Archive & eDiscovery 4 Execute Policy – Data Loss Prevention 5 Execute Policy – Information Delivery

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.