Varonis - The must have tool for Data Governance
December 07, 2018

Varonis - The must have tool for Data Governance

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with Data Security Platform

Varonis is one of University Advancement’s core business partners in our effort to comply with the recent PCI and data security initiatives the University is undertaking. We needed to get control of our data but it became evident there was a great deal of data that was not identified due to the amount and length of data being stored.

Some of the key questions answered by Varonis:

  • The amount of stale and sensitive data.
  • Where was this data stored?
  • Who owned and had access to the data?
  • What were people doing with the data?

Some of the controls provided by Varonis:

1. Alerts and reports on data access and file types.

2. Notifications on high priority AD alerts, Exchange alerts, and behavioral analytics.

Varonis has given us much needed insight into our data, which has become essential in our ability to secure our environment.

  • It will scan severs for Data Classifications (Credit Cards, Social Security, HIPPA, Ferpa, etc.)
  • Detailed logging of all the writes, modified, delete, open, etc. of a file, folder, AD object, Exchange object, and sensitive data
  • Provides alerting for AD, Exchange, and Ransomeware
  • I can identify data owners of a particular share and email them quarterly entitlement reviews for permissions.
  • Speed up with website within the DatAlert site.
  • Satisfies many of our annual PCI audit requirements concerning data governance, permissions, and alerting
  1. We use Varonis on a daily basis to provide access reports to high profile data. One example is the business office report that we send to our SBO and also we use it to monitor critical Card Holder servers to match up with our Change Control documents to see which files were changes, modified, deleted, or created.
  2. We also use it to get some great informational reports like stale data reports, big data reports, exe, mp3, mov files, broken SIDs, etc.
  3. We use it for DCF (Data Classification Framework) to scan our servers for sensitive data and to stay compliant with our audits.
  4. We also use it to identify Data Owners. Varonis makes it super simple to identify these owners and then we can email them entitlement reports confirming access and they can request to change it or you can even automate it with a product like Data privilege. One important thing that most people miss is when people transfer to different departments, sometimes these people have more permissions than they need and these type of reports being sent quarterly are to help remove unneeded access.
  5. DatAlert - We use it for instant alerting (DatAlert for high priority AD alerts, exchange alerts and now Analytic alerts).
    1. The new analytics and behavior alerts are a big addition to the product. You can now see:
      1. Mass files being encrypted (Ransomware) & Behavior Patterns of Ransomware
      2. AD Permissions, OU Changes, locked accounts, etc.
      3. Detects deletion of multiple directory service objects
      4. Detects exploitation software created or modified
      5. Detects if a brute force attack is happening locking out multiple AD accounts
      6. Detects if the host file was changed
      7. Detects if system binaries are found in unusual locations
      8. Detects if Crypto tools are installed and being used
      9. Detects if Group Policy Objects have been modified and by whom
      10. This is just a few of what their product does now!

Varonis Data Security Platform Feature Ratings