Token Bloat. It’s Preventable. by David Gibson

I mentioned last week that organizations are moving toward using single-purpose security groups, where each shared folder has a read group and a write group on its ACL, and these groups are not used to permission other folders or resources. DataPrivilege® automatically creates and helps data owners maintain these single-purpose security groups, so the additional…

Aligning Security Groups and Automating Entitlement Reviews by David Gibson

More and more of the companies I’ve been meeting with recently are discussing the need to align groups with data, and then to perform entitlement reviews (aka permissions audits/attestations) on the re-aligned groups or the data itself. One administrator took the words out of my mouth, “If you’re not sure that the groups are correctly…

Enterprise Governance with RSA and Varonis by Brian Vecci

One of the things our customers ask us from time to time is how RSA DLP, RSA Archer and Varonis can work together. RSA Archer is an eGRC or enterprise governance, compliance and risk product. It’s designed to help organizations organize and maintain a wide variety of governance and risk policies, and it does a…

PCI DSS Compliance: It’s Not Just About Structured Data

Many times in organizations there is such a focus on databases in regards to PCI Compliance that other critical data repositories are neglected to the detriment of an organizations compliance efforts. E-Commerce Times, just published an article by David Gibson, Director of Strategic Accounts and Technical Marketing for Varonis which outlines why it is important to…