Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Social Access Mapping: Who is doing what with data?

Published bySugiarto Widjaja Modified over 5 years ago

Similar presentations

Presentation on theme: "Information Social Access Mapping: Who is doing what with data?"— Presentation transcript:

1 Information Social Access Mapping: Who is doing what with data?
Dan Jennings March 2016 Veritas Partner Technical Account Manager +44 (0) Veritas Technologies LLC Office: +44 (0) address:

2 Information Ownership Identification
Including Inferred Ownership

3 Identify Data Owners Anyone can do this bit. 3

4 Rule-based Inference of Data Owners with Custom Attribute Mapping
This is far more difficult. Veritas has unique capability here. How many owners of information are “Root” or “Administrator”, or even people that have long left the organisation? Address that with inferred ownership 4

5 Tracking Users

6 Track User Activity for Investigations or Audit
The Audit Log feature of Data Insight and how it delivers detailed usage information. To find out what Archie accessed and when he accessed it, the Data Insight user can [Click] click on Audit Logs to get detail down to the file level. On this screen, the Data Insight user has navigated to one of the files within the Patent folder after determining that Archie had accessed the patent folder. Data Insight is showing who accessed one of the .doc files in the Patent folder. You can infer from the graph that Archie was reading and writing this folder during the month of October, and below that you can see a detailed log by user of the activity on that file. Data Insight lets you sort the log by Read, Write, Create, Rename and Delete. The investigator now has the information they were looking for regarding who was accessing sensitive data – now they are interested in finding out why someone like Archie, who didn’t work in the legal department had access to that folder.

7 Archiving Integration
Copyright © 2015 Symantec Corporation

8 Archive Orphan Folders
DO - inactive/orphan data sets -> send automatically to EV - policy-based (types of files, age, owner) - EV FSA; SharePoint next Expiration policy: - ownership classification (data in HR category, Delete or move to the cloud Chargeback Symantec Propietary and Confidential SYMC CONFIDENTIAL

9 Archive by Type Another policy type to archive by. Layer the policies.
Symantec Propietary and Confidential 9 9

10 Archive Custodian Data
Symantec Propietary and Confidential 10 10

11 Archive for Retention Symantec Propietary and Confidential 11 11

12 Data Loss Prevention Integration
Copyright © 2015 Symantec Corporation

13 Policies to Proactively Monitor Sensitive Data Usage
Monitor activity to data Select folders or use DLP classification Alert if activity exceeds threshold Monitor activity of users Alert if user activity deviates from baseline Symantec Data Insight 4.0

14 Social Network Map: Secure Collaboration
Clean up screenshots Detect outliers among users Reduce risk from excessive access permissions

15 Data Loss Prevention View: Incident and Data Owner
Objective of Slide Explain the key benefit of Data Insight with an actual use scenario using a screen shot for illustration. Script Here’s an example of how you can use Data Owner ID to help clean up sensitive data as part of a Network Discover scan. Any time an file is found as part of a Network Discover scan, an incident snapshot is generated in Enforce. This incident snapshot captures all relevant information about an incident so it can be efficiently remediated. We’re looking at an incident snapshot that was generated from a Network Discover scan. This is an example of the type of scans many of our customers perform – they’re looking to find and clean up credit card data out on shared file systems in order to comply with PCI (Payment Card Industry – Data Security Standard ) rules. This incident violated the Credit Card detection rule that we had set up in Enforce. If you look at Incident Details over on the left side of the screen, you see a lot of useful information including where the file is located [Click] Name of the document [Click] File Owner [Click] and the name of the machine where it was found [Click] Notice that the file owner is listed as BUILTIN\Administrators – this is the information that’s been pulled from the file meta data and is pretty typical. Most files are owned by the Administrator – unfortunately, this does not reveal the real owner. That’s where Data Insight comes in. Notice on the right side of the screen in the Attributes section – you see in the lower section a datainsight section. When an incident is created, Enforce asks Data Insight to name the most frequent user of this file – multiple users can be listed and ordered in frequency of access. [Click] The data user or multiple data users are listed in the incident , and an AD user name is listed as the Data Owner. Now that the data owner can be positively identified, the next step is to begin remediation with Network Protect [Click] Remediation buttons for 1 Click Smart Responses– Save time and effort by creating a single command that combines multiple remediation responses and status changes that are specific to your company’s procedures and workflow to ensure consistent remediation for an incident type (“Escalate”, “Launch Investigation”, “Notify Manager” etc.) The benefit of Network Discover, Data Insight and Network Protect is that they enable organizations to quickly find exposed confidential data wherever it is stored, understand who owns the data , and take steps to notify the owner or fix it automatically. Discovery Questions/Competitive Traps What is your process to identify where all your unsecured, outdated or redundant data is stored and who owns it? Do you have an upcoming audit or compliance deadline? Trap: Finding data owner is key to fixing stored confidential data, and typically the meta data is not sufficient. You need a solution like Data Insight to identify ownership by usage. John Smith Data Insight Symantec Data Insight 4.0

16 Case Study Large Financial Services Company Remediates Open Shares Background Goals Data Insight Benefits Focus on securing unstructured data Where to start? How to remediate? NetApp, Windows, SharePoint (1PB+) Key benefit: Facilitate investigations for malicious activities Discover Open Shares, Review ownership/activity analysis to drive lockdown without disruption Prioritize DLP scans based on Open Shares report; Identify data owners Identify complex shares, data owners and active departments Identify hotspots or unusual spikes in activity; Data clean-up by type Reduce Open Shares Risk Sensitive Data Clean-up File Shares Consolidation Storage Remediation ok

17 Dan Jennings +44 (0)

18 Strategy for Information Management
1 Discover 2 Report and Recommend 3 Execute Policy – Archive & eDiscovery 4 Execute Policy – Data Loss Prevention 5 Execute Policy – Information Delivery

Download ppt "Information Social Access Mapping: Who is doing what with data?"

Similar presentations

File Server Organization and Best Practices IT Partners June, 02, 2010.

File Server Organization and Best Practices IT Partners June, 02, 2010.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
HP Quality Center Overview.

HP Quality Center Overview.
Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.

Compliance in Office 365 Edge Pereira Sandy Millar From Avanade Australia OSS304.
Microsoft Ignite /17/2017 2:11 PM

Microsoft Ignite /17/2017 2:11 PM
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
ELIMINATING DATA SECURITY THREATS Presented by: Michael Hartman Varonis Systems. Proprietary and confidential.

ELIMINATING DATA SECURITY THREATS Presented by: Michael Hartman Varonis Systems. Proprietary and confidential.
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
Welcome to the Exchange 2013 Webcast Archiving, eDiscovery, & Data Loss Prevention.

Welcome to the Exchange 2013 Webcast Archiving, eDiscovery, & Data Loss Prevention.
Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.

VARONIS OVERVIEW DATA GOVERNANCE & SECURE FILE SHARING JUNE 5, 2013 Presented By: Dietrich Benjes VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.
HIPAA COMPLIANCE WITH DELL

HIPAA COMPLIANCE WITH DELL
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Module 9 Configuring Messaging Policy and Compliance.

Module 9 Configuring Messaging Policy and Compliance.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Module 9 Configuring Messaging Policy and Compliance.

Module 9 Configuring Messaging Policy and Compliance.
Ankur Kothari Microsoft Corporation. In-Place Archive with secondary quota Access documents with SkyDrive Pro Site Mailboxes enable better collaboration.

Ankur Kothari Microsoft Corporation. In-Place Archive with secondary quota Access documents with SkyDrive Pro Site Mailboxes enable better collaboration.
Security and the Questions Business Users should be asking the Techies.

Security and the Questions Business Users should be asking the Techies.

Similar presentations

Ads by Google