The Effects of Cloud Services on Compliance and Data Protection

Slides:



Advertisements
Similar presentations
Complete Event Log Viewing, Monitoring and Management.
Advertisements

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Presentation by Priyanka Sawarkar
Dangers of Cloud Computing How to keep your documents safe.
Bring Your Own Service The Effects of Cloud Services on Compliance and Data Protection © 2012 Varonis Systems. Proprietary and confidential.
Mission Critical Messaging Platform Roni Havas Unified Communications Solution Specialist Specialists Technology Unit – EPG - Microsoft Israel
Anytime/Anywhere Access Cloud Computing Cloud Applications Cloud Desktop Cloud Storage John Waugh Client Relationship Manager ITS.
ReadyNAS Duo/NV+ v2 Jump Ahead with Software Update Aug 2012.
1 © Copyright 2013 EMC Corporation. All rights reserved. Online File Synchronization and Sharing for the Enterprise.
Confidential FullArmor Corp Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.
Mobile Data Sharing over Cloud Group No. 8 - Akshay Kantak - Swapnil Chavan - Harish Singh.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Introducing TakeCharge SyncedTool The most secure, agile hosted file-sharing platform for business.
ShareFile Enterprise. © 2012 Citrix | Confidential – Do Not Distribute Consumerization of IT My Workspace My Device(s) My Apps ?My Data.
Secure Private Cloud Storage for Business. The Market Trend File Sharing Any Device Any Where Public clouds are good enough to personal users but security.
ELIMINATING DATA SECURITY THREATS Presented by: Michael Hartman Varonis Systems. Proprietary and confidential.
General Presentation August Based out of the Netherlands 8 years of development Launched in May Sales offices in Los Angeles, Amsterdam, Hong.
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.
SHARESYNCPage 1 of 2 ShareSync is a business-grade file sync and share service Sync files across devices Share files and folders easily and securely Business-grade.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.
VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.
Security considerations for mobile devices in GoRTT
Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite
VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL Our mission is to help enterprises realize value from their unstructured data. Eliminating Data Security Threats.
© 2013 Dropbox Confidential |1 2/15/13 Genomic Health and Dropbox.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.
Module 7 Planning and Deploying Messaging Compliance.
Securely Synchronize and Share Enterprise Files across Desktops, Web, and Mobile with EasiShare on the Powerful Microsoft Azure Cloud Platform MICROSOFT.
1 1 Securing (Accountability for) Cloud Content Peter McGoff – SVP and General Counsel.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.
Access resources in a federation partner organization.
Microsoft Virtual Academy Preparing for the Windows 8.1 MCSA Module 5: Managing Devices & Resource Access.
User and Device Management
Box.net Kerndeep Sidhu. What is Box.net? Provides cloud content management Empowers users to access and share content online Allows IT professionals to.
BYOD: An IT Security Perspective. What is BYOD? Bring your own device - refers to the policy of permitting employees to bring personally owned mobile.
BE-com.eu Brussel, 26 april 2016 EXCHANGE 2010 HYBRID (IN THE EXCHANGE 2016 WORLD)
KeepItSafe Solution Suite Securely control and manage all of your data backups with ease, from a single location. KeepItSafe Online Backup KeepItSafe.
Tomaž Čebul Principal Consultant Microsoft Bring Your Own Device, kaj pa je to?
Short Customer Presentation September The Company  Storgrid delivers a secure software platform for creating secure file sync and sharing solutions.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
MCSA Windows Server 2012 Pass Upgrading Your Skills to MCSA Windows Server 2012 Exam By The Help Of Exams4Sure Get Complete File From
Today’s challenges Data Users Apps Devices
10/16/2017 7:22 AM © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION.
Web GIS: Architectural Patterns and Practices
OneDrive for Business Cross-Sell
Brandon Botes #SPSJHB Records Management – Friend or Foe ???
Introduction to Soonr by ….
What Is Sharepoint? Mohsen Ashkboos
Varonis Overview.
Which is right for your business, Office 365 or Microsoft 365?
Microsoft Ignite /20/2018 2:21 PM
Access and Information Protection Product Overview October 2013
Which is right for your business, Office 365 or Microsoft 365?
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
Managing Content: You Need To Think About More Than Office 365
Brandon Botes #SPSJHB Records Management – Friend or Foe ???
IN THE PAST, THE FIREWALL WAS THE SECURITY PERIMETER devicesdata users apps On-premises.
4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
System Center Marketing
TechEd /6/ :24 PM © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks.
Salesforce.com Salesforce.com is the world leader in on-demand customer relationship management (CRM) services Manages sales, marketing, customer service,
Microsoft Data Insights Summit
Microsoft Data Insights Summit
STEALTHbits Technologies, Inc.
Microsoft Virtual Academy
Presentation transcript:

The Effects of Cloud Services on Compliance and Data Protection Bring your own service The Effects of Cloud Services on Compliance and Data Protection Varonis Systems. Proprietary and confidential.

About varonis Founded in 2004, started operations in 2005 Over 1800 Customers Over 4500 installations Offices on 6 continents Based on patented technology and a highly accurate analytics engine, Varonis solutions give organizations total visibility and control over their unstructured data, ensuring that only the right users have access to the right data at all times from all devices, all use is monitored, and abuse is flagged. Varonis Systems. Proprietary and confidential.

BRING YOUR OWN DEVICE You’ve all been bombarded with BYOD, right? Everyone has their own smartphone, tablet, or laptop (or all three), and they want to use them for work.

More devices has meant a spike in services that easily keep data sync’d between them. These services are often: Cloud-based Free or cheap Completely outside of organizational control or oversight BRING YOUR OWN SERVICE

Example: Cloud File Sharing Explosion Public cloud file sharing has exploded As of November 2012, Dropbox claimed to have 100,000,000 customers One of the services that many of you are likely grappling with already is Dropbox. It’s no secret that the way we share files has changed. File sync services like Dropbox have seen enormous growth. Dropbox reports having over 100 million customers now. Varonis Systems. Proprietary and confidential.

Why do people love Dropbox? It’s easy! You have a folder You put stuff in it It syncs With all your devices With the people you want to share with Services like this make BYOD work …but does BYOS work for business? There are a lot of factors contributing to this growth: the proliferation of smart phones and tables being a major driver. But perhaps more importantly: it’s easy. You have a folder You put stuff it in It syncs – With all your devices With the people you want to share with Without services like Dropbox, BYOD wouldn’t work. You’d have to manually sync all of your data all of the time. It’d be so painful, you wouldn’t want to manage more than one device. Remember what is was like to have to manually sync songs to your iPod? Varonis Systems. Proprietary and confidential.

Varonis Systems. Proprietary and confidential.

Hey boss, can I use Dropbox? Varonis Systems. Proprietary and confidential.

No. =( No. Bummer. Varonis Systems. Proprietary and confidential.

Varonis BYOS Survey Results of companies currently do not allow cloud-based file synchronization of companies are satisfied with the controls that cloud-based file sync services have in place In all seriousness, to gauge the adoption of BYOS, Varonis conducted research with the analyst firm IDG last year and found that: 80% of organizations don’t allow their employees to use cloud file sync services like Dropbox On the other end of the spectrum, 14% were comfortable with BYOS And 6% weren’t satisfied by the control and security around BYOS, but are going ahead anyway So, what are the main reasons 80% of organizations don’t allow BYOS? of companies are not satisfied but are going ahead anyway Varonis Systems. Proprietary and confidential.

Access rights and Authorization Why not? worried about maintaining correct access rights and authorization Over half of companies are worried that they won’t be able to ensure that only the right users have access to data that’s stored in a cloud service. If you think about it, many of these BYOS services were built with consumers in mind, and governance has been an afterthought – especially governance that is designed to stand up to corporate requirements. Varonis Systems. Proprietary and confidential.

Authentication Why not? worried about authentication 39% of companies are concerned about authentication. For many companies, if authentication doesn’t go through their directory services, it becomes an added burden to control, if they can control it at all. Most BYOS use password authentication that’s linked to your personal email account, so in many cases the company doesn’t even know an account has been created. Varonis Systems. Proprietary and confidential.

Auditing & Data Loss Why not? worried about data loss or auditing access activity 26% were opposed to BYOS for fear of data loss and lack of visibility into who is touching data. Organizations know that questions come up all the time about who has accessed data, or who has deleted data. And without an audit trail, these questions can’t be answered. Varonis Systems. Proprietary and confidential.

FEARED Consequences Downtime Loss of productivity When considering BYOS, companies seem to be most afraid of falling victim to a number of things. Surprisingly, most people were afraid of downtime, which is not the first thing you might think of for BYOS. But there have been a number of high-profile instances with Amazon Web Services and other providers whose infrastructure powers a number of big businesses. Loss of productivity. Compliance violations. Data theft and loss. Downtime Loss of productivity Compliance violations Data theft Varonis Systems. Proprietary and confidential.

So, will you ever allow Dropbox? IT plans to allow cloud-based file sync Lastly, we asked people if they’d ever adopt cloud services such as Dropbox. A resounding 69% said: no. No Yes Varonis Systems. Proprietary and confidential.

Too bad! We’re using them anyway 1 in 5 employees already use Dropbox for work! Despite your plans to not use Dropbox, chances are users are doing it anyway. A survey by Nasuni reports that 1 in 5 employees (20%) are already using Dropbox for business data. Source: Nasuni http://www6.nasuni.com/shadow-it-2012.html Varonis Systems. Proprietary and confidential.

Doing nothing means we’ll lose control It’s clear that if we don’t take any action, users will take matters into their own hands. Varonis Systems. Proprietary and confidential.

What if… …you could manage them in the same way you can manage internal resources? Yes No Varonis Systems. Proprietary and confidential.

Let’s Have our cake and eat it, too Give users what they want: Simplicity Accessibility Mobile support Give organizations what they need: Control Compliance Security So what should we do about it? We have to give users what they want while maintaining control. We know that users want simplicity, accessibility, and mobile support. We know that organizations need control, compliance, and security. Varonis Systems. Proprietary and confidential.

How do we do this? Varonis Systems. Proprietary and confidential.

What are the options? Cloud Internal In order to achieve our goal, we either going to have to find a cloud service that provides the control we need. Or we’re going to have to bring the cloud functionality and simplicity inside where the controls already exist. Varonis Systems. Proprietary and confidential.

To the cloud! Cloud The first option we’re going to look is moving data to the cloud. Assuming you’ve found a cloud service that meets your needs, how do you plan to get there? Varonis Systems. Proprietary and confidential.

Do you have an existing infrastructure? Easy! Moving everything? No so hard. Oh boy. No Yes If you don’t have an existing infrastructure, you don’t have to worry about this. But if you do, you have to ask questions like: Will we be moving everything and shutting down your existing infrastructure? If not, it’s important to ask some important questions: Can you determine which data you want to move? Are you going to have multiple user directories? Are you going to have multiple processes for granting and revoking access to data? If you need to figure out who’s been touching data, do you have one audit trail or many? If you’ve got copies of the same data inside and outside, how do you determine what the definitive copy is? How do people on the inside collaborate with people using cloud services? No Yes Varonis Systems. Proprietary and confidential.

Controls in the Cloud Data stored in the cloud is still subject to the same risks as internal data According to the Information Commissioner’s Office (ICO), you’re still responsible for your data even if it’s stored in the cloud Even if you aren’t going to end up with two environments to manage – inside and outside – there are still challenges. Data stored in the cloud is still subject to the same risks. According to the ICO, you’re still responsible for your data, even if it’s stored in the cloud. So if Dropbox has a breach and loses your customers’ data, you’re still on the hook. Even though you’re outsourcing the storage, you’re not outsourcing the risk. Varonis Systems. Proprietary and confidential.

Don’t forget to pack… Backup & recovery processes (BCP/DR) Authorization processes (entitlement reviews, authorization workflows) Retention & Disposition Content inspection Access auditing Change management Lastly, when it comes down to physically moving your data to the cloud, some additional things to consider are: How you plan to backup that data? How would you fall-over in the event of a disaster? How are you going to manage who gets access to what? It’s not in cloud vendors’ interest to delete data – so how are you going to manage archiving? How are you going to find sensitive content, like PII? Or ensure it stays out of the cloud altogether. How are you going to answer questions about who’s been accessing or deleting data across multiple repositories? How do you do change management in the cloud? Varonis Systems. Proprietary and confidential.

Extend your existing infrastructure Internal Varonis Systems. Proprietary and confidential.

Do you have an existing infrastructure? This is a whole different presentation Add cloud-like functionality No Yes TODO: flow chart No?  Well, we’ll probably need a whole different presentation for that. Yes  Add cloud-like functionality. What is that cloud-like functionality? File synchronization. Mobile device support. Third-party sharing. Easily integrates with existing controls. Leverages your data, permissions, and directory services. Varonis Systems. Proprietary and confidential.

What do we need? We need to provide client for mobile devices and laptops We need to provide file sync We need to authenticate with Active Directory We need to enforce existing permissions We need to coexist with all the internal controls we mentioned before (backup, classification, etc.) Would be ideal to be able to have everything contained in our own infrastructure Here are some of the things we’d want if we were going to bring cloud-like functionality to our existing infrastructure. Does anything like this exist? At least one: Varonis DatAnywhere. Varonis Systems. Proprietary and confidential.

Varonis DatAnywhere Provide cloud usability using only existing infrastructure: There’s a folder You put stuff in it It syncs… With your existing storage (NAS, file servers) Using Active Directory credentials Using your existing file system permissions Varonis Systems. Proprietary and confidential.

Step 1: Login AD Domain credentials Login with your domain credentials (Active Directory) and/or multi-factor authentication Varonis Systems. Proprietary and confidential.

Step 2: Collaborate Your sync’d folders appear in explorer Changes sync to your CIFS servers Varonis Systems. Proprietary and confidential.

See Sync Speeds and Notifications Varonis Systems. Proprietary and confidential.

Mobile Apps Varonis Systems. Proprietary and confidential.

Right click for instant Extra-net Varonis Systems. Proprietary and confidential.

Secure Collaboration with 3rd Parties Set permissions and expiration dates. Share with partners, customers, vendors, and clients. Varonis Systems. Proprietary and confidential.

DatAnywhere Architecture Windows Mac Smart Phone Tablet DN Edge server Sync Manager Sync Worker Windows File Systems CIFS HTTPS DN Edge server Sync Manager NAS Sync Worker Client authorization DatAnywhere Client MS Active Directory Varonis Systems. Proprietary and confidential.

One more thing… Some of you might be thinking “my internal infrastructure could benefit from better controls, too.” Varonis Systems. Proprietary and confidential.

Integrates with Data Governance Suite Use DatAdvantage to manage permissions Use DataPrivilege to automate authorization DatAnywhere activity is recorded by DatAdvantage Varonis has been helping organizations with data governance for years. Varonis Systems. Proprietary and confidential.

Summary Cloud-style sharing and BYOD may be inevitable Organizations must choose a direction before the employees choose one for them Organizations have a choice between moving data to the cloud, or extending their existing infrastructure to provide cloud-style capabilities in-house Whichever direction your organization chooses, governance will be instrumental for secure collaboration Varonis Systems. Proprietary and confidential.

Varonis Solutions GOVERNANCE ACCESS RETENTION Ensure that only the right people has access to the right data at all times, access is monitored and abuse is flagged. ACCESS Use your existing file shares, on your own servers, to provide file synchronization, mobile access, and secure 3rd party sharing. RETENTION Intelligently automate data disposition, archiving and migration process using the intelligence of the Varonis Metadata Framework

Thank you Varonis Systems. Proprietary and confidential.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.