All posts by Michelle Grossberg

City of San Diego Uses the Varonis Data Security Platform to Defend Against...

City of San Diego Uses the Varonis Data Security Platform to Defend Against Half A Million Attacks Per Day

The City of San Diego provides city services to more than 1.3 million people who live and work in Southern California. To provide these services, the City operates 24 networks, about 40,000 endpoints spread across the county and 14,000 desktops in everything from police cars, trash trucks and city buildings.

In order to continue to defend against the half a million cyberattacks a day, including 10-15 ransomware assaults, the City realized they needed a solution that adequately addressed data level security: tracking who is accessing the data and what is being done with it.

After a careful evaluation, the City of San Diego chose to implement the data security platform from Varonis, which includes Data Classification FrameworkDatAdvantage for Windows and Directory Services and DatAlert solutions.

Varonis DatAlert helps the City identify and stop ransomware attacks, providing context about the extent of damage so the City can respond quickly and stop it from expanding across share drives and destroying folders.

The City also uses the Data Classification Framework and DatAdvantage for auditing and protection on 5 petabytes of data, many of which is old, untouched and duplicated. With the help of Varonis, they can identify the data they need for business operations and archive or remove unnecessary duplicates, freeing up almost 30% critical space and saving money.

Click here to read the full case study

Varonis Earns Recognition in Computing Security Awards 2016

Varonis Earns Recognition in Computing Security Awards 2016

We are proud to announce that we have been recognized by Computing Security Awards 2016 in the following two award categories:

The Awards Ceremony took place on Thursday October 13, 2016 at the Cumberland Hotel, in Marble Arch, London.

Our award winning product, DatAdvantage, shows you where sensitive data lives, where it is overexposed, who is accessing it, and how to lock it down. DatAdvantage gives IT departments the ability to analyze, manage, and secure all forms of unstructured data. Our sophisticated threat models also analyze behavior across multiple platforms and alert on any suspicious activity and potential data breaches.

Our joint win with Union Bank is another great success story. Union Bank first found Varonis while on their quest for better visibility into their sensitive data. Also, with malware and ransomware on the rise, the bank needed a solution that could quickly alert the IT staff to unusual file access behavior such as rapid encryption of files stored on its servers. Union Bank’s IT team is now alerted in real-time to any breach of its file systems. They are also able to keep an eye on access privileges and ensure that no one is getting access that is not necessary.

David Gibson, Varonis Vice President of Strategy and Market Development, said, “At Varonis, we empower companies to discover where their sensitive data is overexposed, uncover vulnerable or stale data, lock it down without interrupting their businesses activities, and alert on unusual activity. Administrators can manage and visualize permissions, mapping groups of users to only the data they need access to. Varonis user behavioral monitoring and profiling offers what we believe is an unmatched ability to monitor and protect data from ransomware infections, hijacked accounts, disgruntled employees, abusive administrators, and other suspicious insider threat actions. We are delighted to have won the Auditing / Reporting Solution of the Year and to have been honored with the award for Security Project of the Year at the 2016 Computing Security Awards.”

Thanks to all who voted!

For the full list of winners click here.

IT Concerns Country to Country: Ponemon Institute Study

IT Concerns Country to Country: Ponemon Institute Study

Varonis recently released the third and final part of a study about data protection and enterprise security with the Ponemon Research institute: Differences in Security Practices and Vigilance across UK, France, Germany and US.

This report compares survey responses of more than 3,000 IT professionals and end-user employees in UK, France, Germany and US. The survey was conducted to determine the security gaps within organizations that can lead to data breaches and ransomware.

Some key findings from Release 3 include:

  • Employees in the UK, France, Germany, and the US say insiders who are negligent are more likely to put the organization’s data at risk than external attackers or insiders acting with malicious intent.
  • 50% of German employees say they take all appropriate steps to protect the company data they access and use. (Compared with 39% of UK employees, 37% of French employees and 35% of US employees)
  • 44% of German employees say their organizations strictly enforce policies against the misuse or unauthorized access to company data (Well above the responses to the same question in the UK (35%), US (32%) and France (29%).)
  • 39% of IT professionals in Germany believe their organizations fully enforce a strict least privilege model (which means access to company data only on a need-to-know basis) for file shares and other collaborative data stores. (Much higher than the confidence levels in the US (29%), France (25%) and UK (23%).)
  • Although German IT pros are least likely to say their organizations have experienced ransomware (12% compared with 17% in the US, 16% in France and 13% in the UK), they express the highest levels of concern about the threat of ransomware (83% very or extremely concerned in Germany compared with 80% in France, 77% in the US and 63% in the UK).
  • Asked if their organizations have experienced the loss or theft of data in the last two years, the highest response among IT people was in the US (82%), followed by France (80%), UK (76%), and Germany (64%).
  • In Germany, both employee end users (30%) and IT staff (45%) are more likely than in the other countries to believe their management would accept a decline in productivity in order to prevent security risks. The same question produced less optimism about this balance in the UK (25% of employees, 34% of IT), France (23% of employees, 35% of IT), and the US (21% of employees, 30% of IT).
  • The top three security threats that most concern IT professionals differ in each country. However, it was concluded that IT Professionals in Germany are more confident about data protection than the other countries surveyed:
    • France:
      • Insiders who are negligent: 67%
      • Outside attackers who compromise insider credentials: 53%
      • Malicious contractors: 40%
    • UK:
      • Insiders who are negligent: 61%
      • Outside attackers who compromise insider credentials: 55%
      • Malware: 47%
    • US:
      • Insiders who are negligent: 61%
      • Outside attackers who compromise insider credentials: 55%
      • Malware: 47%
    • Germany:
      • Outside attackers who compromise insider credentials: 66%
      • Malware: 46%
      • Malicious contractors: 41%
      • Insiders who are negligent: 36%

Despite the differences among the countries in regards to security threats, the continuing increase in data loss and theft is consistent. Sensitive information, which is valuable to all companies, needs to be well-protected, and access and activity needs to be monitored.

Find out how Varonis helps reduce risk and increase productivity and efficiency.

Further Reading:

  • Release 1 of the 2016 report, titled “Closing Security Gaps to Protect Corporate Data: A Study of U.S. and European Organizations,” can be found here. Key findings included a huge rise in data loss.
  • Release 2, titled “The Widening Gap between IT and End Users,” can be found here. It compares end-user practices and beliefs with those of their colleagues in IT security.

Genesis Financial Solutions Takes Proactive Approach to Protect their Data

Genesis Financial Solutions Takes Proactive Approach to Protect their Data

Genesis Financial Solutions is a financial institution, lender and America’s largest source of second-look financing. They really understand how important it is to keep their data secure from insider threats and cyberattacks.

They were seeking a solution that would give them insight into their sensitive data and improve the effectiveness of their regulatory compliance. With ransomware on the rise, Genesis also wanted a way to quickly alert the IT staff to any unusual file access patterns.

Their search led them to Varonis. With their implementation of DatAdvantage and DatAlert now under their belt, Genesis keeps the sensitive data secure from theft and vulnerability.

Varonis DatAdvantage provides the company with a strong data ownership program, identifying sensitive data within minutes and determining who has and who should have access to it. Genesis acknowledged the ease of this process, noting the time saved and the fact that they did not have to enlist additional staff.

Genesis benefits from Varonis DatAlert’s ability to automatically detect when users are accessing files that diverge from their past histories. They currently have an alert configured to automatically spot unusual administrative access patterns – often a sign of an attacker at work.

Click here to read the full case study

Hugh Chatham Memorial Hospital Improves Their Data Security Posture with Va...

Hugh Chatham Memorial Hospital Improves Their Data Security Posture with Varonis

With more than a terabyte of network file shares to clean up, Hugh Chatham Memorial Hospital enlisted Varonis to help them protect against data breaches, increase security, and to prevent ransomware.

Not only did the hospital’s overall security posture improve with the implementation of the Data Classification Framework, DatAdvantage for Exchange and Windows, and DatAlert, it also freed up the IT department’s time spent on recovering data.

Lee Powe, CIO, Hugh Chatham Memorial Hospital said, “When I receive a compliance request for a report on a particular user and their file activity over a specific period of time, it takes me less than a minute to run. Before Varonis, it would have taken hours and hours going through log files to try and compile a user’s activity in relation to network file shares.”

Hugh Chatham Memorial Hospital can now easily identify who has access to which files, meeting one of many HIPAA requirements. Also with DatAlert, they can get alerts on unusual activity, spotting potential insider threat as well as ransomware.

Learn more about the success of this collaborative effort in the full case study.

American Health Insurance Plans Stay Secure With Varonis

American Health Insurance Plans Stay Secure With Varonis

For any organization in the health insurance industry, security is a top priority. American Health Insurance Plans (AHIP) understood the need to enforce security within its organizations in order to stay safe from insider threats. That’s when extensive search led to the implementation of Varonis Data Transport Engine, DatAdvantage, and DatAlert.

AHIP was formed in 2003 through the merger of two trade associations; Health Insurance Association of America (HIAA) and American Association of Health Plans (AAHP). Because of the merger, two large file servers needed to coincide and, as you can imagine, that’s a lot of permissions to deal with. Once Varonis Data Transport Engine was implemented, it was able to locate and move the sensitive data that had broader access left in place following the merger.

Click to read the full case study