Likelihood to Recommend
Well suited for general compliance, multiple initiatives, and integration with TeamMate. SAP GRC Process control may be better suited for an SAP environment. Oracle GRC may be better suited for an Oracle environment. Overall, BWise is a very cost effective, and flexible solution.
Read full review
The most highlighted feature of Varonis Data Security Platform is the data analyzing mechanism. It analyzes your data all the time with some special algorithms to detect any unusual activities so that it can identify any unusual behavior or users and
take necessary action to save your sensitive data. They also offer a complete dashboard solution for their customers to control across different data stores, see their current state, and any security breaches to be addressed manually. Read full review Pros Great reporting tool (uses SAP Business Objects). It is quite flexible on types of reports that can be created and supported. Also the reporting consultants are very competent and nice. Highly customizable solution: almost everything can be tailored to an organization's needs, assessments, audits, issues, recommendations, tasks, etc. However, there's a trade-off between customization and the integration of different areas of the organization. Increases visibility and efficiency in the organization. BWise offers centralized repositories (catalogs) that can be easily accessed and used by everyone in the organization (e.g. Process catalog, Policies and Procedures catalog, Risks, Controls, Laws catalogs, etc.). Also, the application allows findings on controls tested by Audit to be automatically reflected in controls monitored by SOX for example, without the need for SOX to retest them. So one area can leverage on the work of other areas increasing operational efficiency. Increases integration and avoids silos. By choosing the correct design (e.g. Risk Workshops instead of Open Assessments), one area can see and benefit from another areas' work. An example was mentioned above; another would be Operational Risk area considering the results of Business Continuity, Vendor Management, Info Security, etc. assessments when carrying out theirs. Additionally, processes can be integrated: when contracting a new vendor for instance, one can include questions about data confidentiality and usage of models in the Vendor risk assessment. Answers to these could then trigger Info Sec / Model Risk assessments. Increases accountability. Application provides full audit/change log with the type of change, name of executor, and date of change. Easier follow-up. BWise sends automatic emails with reminders to the people required to take action on an issue, assessment, etc. Read full review Varonis logging is very robust and captures all audit events being sent from the file servers. The ability to report and alert on Active Directory account events works very well with file activity monitoring. It can show the complete picture of what an account did while being used. Have a customizable dashboard is great for being able to show upper management information that only pertains to them. Read full review Cons Integration with SAP for continuous control monitoring. Control mapping to standards: ISO; COSO; COBIT; HIPAA; SP800_53 (NIST); FedRAMP; PCI_DSS; BITS; GAAP; AICPA; BSI; CCM; COPPA; CSA Surveys. Read full review Implementation can be challenging in some areas and can only be executed by the vendor Implementation can only be executed by the vendor and additional work can be chargeable Licensing can be improved upon Agent based so implementation can be longer than expected Read full review Likelihood to Renew
BWIse is very flexible, and an affordable GRC tool.
Read full review Usability
I found BWise to be very intuitive and user friendly.
Read full review
I wish the cost was a little bit lower and increase functionality and features would give it 10/10.
Read full review Support Rating
BWise support is knowledgeable and responsive. Bug fixes and development are also timely and ongoing.
Read full review
Support has always been very responsive and addressed any issues we may have had in the past. Some local engineers are willing to come onsite or work over a web session to discuss creating a new rule set or look at some issues. Getting issues address has never been a problem. There was one feature we had trouble getting to function correctly, but support and local engineers were willing to work with us as much as needed to get it working correctly for our organization.
Read full review Implementation Rating
The main issues were managing the internal conflicts and competing objectives, rather than the capability and implementation of BWise itself.
Read full review Alternatives Considered
Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than
Read full review
Actually, we didn't expend much time evaluating other file auditing platforms. We chose Varonis just after a serious incident and we had already heard about Varonis at a Netapp event. So it was an easy choice. We called Varonis and asked them for a PoC, that's it. The PoC became a production and it is running until this day.
Read full review Return on Investment Increased employee efficiency especially considering incident management and follow up. Increased visibility and senior management information/awareness. Increased employee accountability. Reduction of silos. Read full review We have identified data classifications issues that our organization was not aware of prior to the implementation. The tool does take a dedicated resource for it to be effective. Varonis has improved the speed with which we can fulfill audit requests, leaving us more time for other tasks. Read full review ScreenShots