Archive for: September, 2012

Longing for Inbox Zero? Tell Us About Your Digital Work Habits, Win an iPad

How much of your work day is consumed by email, IM, Facebook and other digital interruptions? How much of your time do you spend organizing emails, tagging and flagging, categorizing and color-coding? What’s the most interesting email you wish was never sent?

Varonis is conducting research about digital work habits and we’d love for you to participate. Fill out our short survey—it’ll take less than 5 minutes—for a chance to win a new iPad. All submissions are completely anonymized.

Sorry! The survey is closed.

(And, when you’re done, check out Merlin Mann’s classic Inbox Zero tech talk from Google for some brilliant advice on how to better manage your digital work life.)

5 Step Guide to Reducing the #1 Data Security Risk

RiskLast week I had the opportunity to attend an event on 3rd party data security and risk. Throughout the event, I talked with folks from many different industries and in many different roles.  I spoke with auditors, general IT managers, storage administrators, CIOs, and of course, security professionals.

What is the Top Priority for Reducing Risk?

Everyone shared one common concern:

How can we reduce risk and protect our clients’ data?

One executive was asked, “Which area would you consider your number one priority for reducing risk?”  His decisive answer was that, of all the areas of risk his massive enterprise faces, priority number one is unstructured data security.

This shocked me a bit at first, but when you think about it, it makes perfect sense.  According to Gartner, unstructured data accounts for more than 80% of all organizational data, and it’s growing approximately 50% every year.

Even data that is normally stored in databases or apps is regularly being dumped into spreadsheets for analysis, PowerPoint slides for presentations, PDFs for reading, and email for sharing between teams.

When you think about it this way, it becomes very easy to see why unstructured data is the highest risk area for many IT departments.

Compliance and Regulations

In addition to the intrinsic motivation for securing unstructured data, external regulations such as SOX, HIPAA, and PCI are forcing organizations to put processes in place to ensure the protection of 3rd party data.  Unfortunately,  most organizations don’t have an efficient and affordable way to put these controls in place and prove that they’re being enforced.

An auditor I spoke with mentioned how difficult and time-consuming it is to perform attestations, and how, for most companies, entitlement reviews are manual and painful processes that don’t really accomplish the end goal of protecting data.

Where Do We Begin?  A 5 Step Guide

If you are trying to start a risk management project in your organization, here are some actionable ideas on what to focus on:

1. Identify your most valuable assets

All 3rd Party data is valuable.  Our clients trust us to manage and protect all of it.  But it is critical to pick a starting point.  To do this, talk with data owners and key stakeholders to find out which types of data are the most sensitive or most valuable.

2. Locate your most valuable assets

You can’t protect sensitive data if you don’t know where it resides.  Is it in the CEO’s mailbox?  Is it propagated across all your Windows file servers and NAS devices?  In order to do this at scale, you’ll need a data classification framework that can scan files on your network for sensitive content indicators.

3. Identify where sensitive data is overexposed

You probably found a ton of high value data in step #2.  Now you have to figure out who can access that data and prioritize data sets that are wide-open to everyone.

Many of us, when we move to a new home, we tend to change the locks. Why? Because we don’t know who has had a key in the past – the owners, realtors, past owners, builders?  This represents a big risk for us and our families.

The same principle applies with 3rd party data.  We need to identify who can access it, and what type of access they have. Then we can identify which data is overexposed, and where permissions need to be tightened up and assigned owners.

4. Monitor Data Access

As my good friend @rsobers says: Context is king. Part of reducing risk is monitoring who is actually accessing the data and what are they doing with it. If we’re constantly monitoring access, we can identify patterns in user behavior and alert when suspicious activity occurs. And if we store the audit data intelligently, we can use it for forensics, help desk, and stale data identification.

5. Use Automation

Are you ready to implement steps 1-4?  Do you have an army of IT staff with nothing planned for the next 50 years?  Luckily, that won’t be needed.  You can use automation to identify the most critical data, understand who can access it, and monitor what they’re actually doing with.

By leveraging automation to provide your security intelligence dashboard, you can spot problems and then use automation (again) to simulate changes and automatically execute the remediation.

There you have it!  Go forth and protect your customers’ data!  Oh, and by the way, there’s a 6th step that doesn’t require IT involvement at allAsk us about it.

Are you curious to see how your company measures up?  Get a free data protection assessment.  We’ll scan your infrastructure for holes and help you plug them with automated data protection and management software from Varonis.

Photo credit: http://www.flickr.com/photos/fayjo/

Shared folders, like coconuts, don’t migrate by themselves

Our new survey on domain and data migrations shows that 95% of organizations move data at least once a year, for any of several reasons— infrastructure upgrades, mergers, acquisitions, and divestitures.

For such a common task, very few organizations (4%) find migrations easy—struggling to maintain availability, to figure out what data should be moved and who it belongs to (data owners), and to manage and maintain access controls during the move.

What are the top 8 things that would make it easier? Read the full research report to find out.

Download Now!

Enjoy, share, embed our infographic. Get more on our research site!

The State of Data Protection

Embed this infographic on your own site

Copy and paste the code below into your blog post or web page:

<a href="https://blog.varonis.com/shared-folders-like-coconuts-don’t-migrate-by-themselves/"><img title="Data on the Move - Infographic" src="https://www.varonis.com/assets/infographics/data-on-the-move.png" alt="Data on the Move" width="600" height="1800" /></a>
<p><small>Like this infographic? Get more <a href="https://blog.varonis.com">data migration</a> tips from <a href="http://www.varonis.com/">Varonis</a>.</small></p>

Your Data is a Mirror

Imagine if the constitution of the United States had been drafted in Microsoft Word, with track changes and comments turned on, and each revision stored in SharePoint or Evernote. Imagine if the founding fathers had had email and we could read the discourse surrounding each iteration.

What were they thinking? If those digital records were available, we could find out.

In fact, many letters from our founding fathers are preserved and available online. Letters from the birth of our young nation are just the beginning of history’s long decrescendo, whose end follows somewhere past whispers from the Dead Sea Scrolls. These documents are treasures in our efforts to make sense of our history and to understand what our ancestors were thinking.

History also reminds us that these treasures can be liabilities—Henry VIII’s (possibly) stolen love letters to Anne Boleyn could have been the work of a long ago Bradley Manning of WikiLeaks’ fame. (On the other hand, these letters might not have been stolen, but simply misplaced, so maybe they’re more like the tweets of Anthony Weiner).

It’s not surprising that today we hesitate to delete our files and emails—they are a connection to our past thoughts and our past selves. Digital content may not reveal exactly what we were thinking, but what clues!

How many times have you forgotten what you did a month or even a week ago and looked back at your outlook calendar to see what you were doing, or reviewed an old email thread to jog your memory about how you arrived at a decision? How often do you look at your old photographs and marvel (or cringe) at who you were then?

If an archeologist of the future wanted to know about you, they’d sift through your email. They’d traverse your wall on Facebook. They’d crawl over your blog. They’d read your Word documents, tab through your presentations, ogle your photos, listen to your podcasts, and watch your videos. What did you tweet when you were in the neighborhood?

As the frequency of communication increases and the capabilities and variety of our mediums grow, the resolution of your digital persona sharpens. Even for the most reclusive or those most schooled in the ways of poker, a silhouette shimmers in ones and zeros, a digital tell leaking bits of past intent.

We should of course recognize the slight contrast between the epistles written by historical icons and the emails, texts, and Instagrams of us ordinary folks.

But who is to say what is treasure and what is trifle? How many of us think that someone may want to get to know our digital specters years from now, and save every byte? If reports on the rise of narcissistic personality disorder turn out to be true, it could be a lot.

 

Defensible Disposal with Automation

It’s no secret that the data on corporate servers is growing exponentially.  Documents, presentations, media, spreadsheets, and other files are constantly  being created and moved onto servers, and after a while, most of it is rarely used, if at all. However, much of this stale data also must be retained in order to comply with regulatory compliance, or to maintain business continuity.

Many IT departments are faced with the reality of having to either continually expand their storage infrastructure or try to accurately determine which data can be safely disposed. The first option is costly and results in basically paying for information you’ll never use, while the latter can be costly in terms of man-hours and brainpower, especially without an automated process in place.

Let’s examine the options a bit closer.

Do Nothing

While it seems like a simpler solution to keep expanding your hardware and try to hold onto every bit just in case it is needed some time in the future, this sort of inaction with regards to defensible disposal is simply not a viable option. Allowing vast amounts of data to accumulate will make it increasingly difficult for users to find relevant data, slow down e-discovery, cause servers to perform poorly, and possibly even crash them, costing your business precious time and money.

Do Anything

Taking the wrong action can be just as damaging. Deleting your CEO’s old email archive might result in a very uncomfortable conversation; disposing of files that you are legally obligated to retain (for HIPAA, HITECH, SOX, etc.) can cost people their jobs, and possibly result in legal action.  That’s something no IT professional ever wants to have to deal with.

Do the Right Thing

It should be clear by now exactly why proper defensible disposal techniques are integral to the survival of any business, especially those with sensitive data. Proper disposal techniques can save money and time by streamlining the process of deleting useless data and allowing for admins to focus on other more pressing needs.

If you’re finding the process itself takes quite a bit of planning and/or some sophisticated technology to do most of the heavy lifting, consider automating with technology like the Varonis Data Transport Engine.  Varonis DTE simplifies the process of defensible disposal by leveraging our Metadata Framework, allowing admins to automatically and continually delete or migrate data based on a wide array of criteria, such as the content of the file or the date it was last accessed by a human user.  This ensures that information that needs to be retained isn’t disposed of by accident and the data that can be safely deleted proceeds safely to bit-heaven, or bit bucket, or /dev/null.

Tell us what you do:

There’s More to Learn About Data Migration And The Varonis DTE

For those who’ve been following along, you’ll know we’ve just beta launched our Data Transport Engine. By the way, you can sign up here to trial DTE.  For the rest of you, here’s our brief (in under 144 characters) refresher course: we have an approach to data migration that respects existing metadata, ensures security, and allows for live updates during an in-progress copy.

Obviously there’s way too much IT context around data migration to be completely covered in a few posts and videos.  So we’ve come up with a guide, for both pros and newbies alike, that explains the current state of large-scale data migrations and the risks we see in business-as-usual data administration.

We also detail how the Data Transport Engine avoids the pitfalls of legacy techniques and eliminates data outages and compromises to data integrity. The quick explanation is that DTE rests on our Metadata Framework, adding data motion and access control translation capabilities. This allows us to automate intelligent, on-the-fly data sync processes that don’t interrupt your current operations

But you’ll want to read the whole paper to learn why your current practices fall short of an idea solution and find out more about the advantages of the Varonis Data Transport Engine.

Introducing Varonis Data Transport Engine

For years, Varonis customers have been using Varonis DatAdvantage and the IDU Classification Framework to find data sets that they want to move or delete—stale data, active data, sensitive data, data belonging to department X or Y. Being able to easily find data based on permissions, activity, content, and other metadata accelerates lots of common IT data projects like migrations, mergers & acquisitions, archival, and disposition.

What would make it even easier? What if you could automatically copy, move, or delete data once you find it, without downtime, across domains or across platforms? What if you could automatically translate and optimize the permissions during a move, and simulate the move to see and edit the new directory and permissions structure before executing?

Now you can. Check out the new Varonis Data Transport Engine.

Find out more!

Put Data Migration on Your Fall IT To-Do List

In the US, Labor Day weekend is the traditional dividing line between end-of-summer vacations and the start of serious back-to-work initiatives. With 2012’s final quarter fast approaching, you’re no doubt adding a few discussion items for the next IT management meeting. Here’s a bullet point we think you’ll want to look into: start planning for that data migration project you’ve been postponing!

IT pros know that moving or migrating large amounts of critical corporate data is never a simple procedure if your plan includes—and it should—minimal or no disruption to current operations. Even in the simple case of replacing an aging file server with a newer model, data administrators have quite a few things to take into account.

To begin, they’ll likely want to streamline directory hierarchies and clean out stale files while maintaining the existing permission structure for their users. There’s also the job of choosing the best time slot to cutover to the new servers—which would, of course, require knowing how much time to allocate for transferring terabytes of data.

We could go on because we’re just only touching on the considerations in this base scenario. For example, if you’re archiving data for compliance reasons or transferring data between domains, you’ll have even more challenges to take into account. Have you really thought through, say, the implications of moving data and permissions between NTFS and SharePoint?

No wonder why you’ve been finding excuses to not retire old servers or perform extensive housekeeping on your company’s files.

At Varonis, we build data management solutions that focus on the data about the data—the metadata. Check back in with us tomorrow to see how our Metadata framework technology will be extended to untangle the complexity involved with planning, testing, and executing a successful migration.

So push that data migration project back to the top of list of projects you’ll want to take on this fall.  We’ll make it an easy one for you to check off.

Image credit: courtneyrian