Five Things You Might Not Know About the FTC

While the EU Commission is close to finalizing their data protection law, here in the US, we have the Federal Trade Commission (FTC), which is the closest thing we have to an overall data protection protector and enforcer. In recent years, they’ve successfully brought actions against major social media companies for violating consumer privacy rights,…

Continue Reading

analyses mason

Analysys Mason Tackles File Sharing Securely with Varonis DatAnywhere

Today I’d like to share a story with you about our one of our customers in the U.K., Analysys Mason, a global specialist adviser on telecoms, media and technology (TMT), and how we’ve helped its workforce have cloud-like access to its file storage, from different locations and devices, in a controlled and secure manner. Since implementing Varonis’ Enterprise File Sync…

Continue Reading


User Behavior Analytics (UBA) and Insider Theft [White Paper]

Insider theft can be devastating for companies. After all, employees know where the most valuable and sensitive data lives. According to PwC’s 2014 US State of Cybercrime Survey, one-third of respondents said insider data theft is more costly or damaging than those committed by outsiders! How can you tell when an employee breaks bad? We…

Continue Reading

Over 30% of Our Customers Detected Insider Activity or Malware in Advance of Security Threats [SURVEY]

In our most recent customer survey*, we learned that over 30% have proactively detected one or more instances of suspicious user activity or malware, thanks to Varonis. These instances include: Detecting malware on the day it began Identifying actions taken by a departing employee Finding CryptoLocker ransomware Varonis solutions perform User Behavior Analytics (UBA) to…

Continue Reading


The Difference between SIEM and UBA

The latest 2015 Verizon Data Breach Investigations Report indicates that insider threats continue to be a top security concern. As employees go rogue, one effective insider threat prevention technology that has been instrumental for IT security is User Behavior Analytics (UBA). If you currently use a security identity event management (SIEM) tool to monitor user…

Continue Reading

Gartner Recognizes Varonis in 2015 Market Guide for File Analysis Software

Having spent the past decade pioneering and building out a range of solutions for managing and protecting critical data, we are pleased to report today that Gartner has recognized Varonis in its 2015 Market Guide for File Analysis Software. File analysis, according to Gartner, is used for three primary reasons: to increase operational efficiency, lower…

Continue Reading

Insider Theft 2015: We’ve Been Warned

Identity Theft Resource Center (ITRC) is my go-to source for a running tally of breaches. As of last week ITRC, which gets its stats from media sources and state agencies, has counted 505 incidents, exposing over 139 million records. So a little after the mid-year mark, the number of records taken is ahead of 2014’s…

Continue Reading


Another Look at Folder Permissions: Beyond AGLP

AGLP is Microsoft’s four-letter abbreviation for guiding admins in setting permissions in an Active Directory environment. Account, Global, Local, Permission just means the following: you put user accounts (A) into global groups (G), put the global groups into domain local groups (L), and then grant permissions (P) to the domain local group. Makes sense, right?…

Continue Reading

law firms data security protection

Why Law Firms Should Care About Data Security

An alarming 70% of large firm attorneys do not know if their firm has been breached, according to a recent American Bar Association (ABA) survey conducted by the ABA’s Legal Technology Resource Center. For many companies, it often takes IT months to learn about an incident—if they ever find out at all—and usually only after…

Continue Reading


The IP Theft Puzzle, Part II: Ideas for Spotting Directory Copies

Catching an insider thief before he gets and exfiltrates IP ain’t easy. As I wrote about in the last post in this series, insiders already have access to sensitive content — they’re authorized to view, copy, and edit important code, documents, and presentations. Casing the Joint However, we do know that insiders generally first test…

Continue Reading