Category Archives: Customer Success

University Secures Sensitive Student Data with Varonis

University Secures Sensitive Student Data with Varonis

When hackers successfully breached a nearby university, the IT staff at Loyola University Maryland knew they had to act fast to secure their own environment. Academic institutions are prime targets for cyber criminals. A large university often has sensitive personal identifiable information (PII) and protected health information (PHI) on tens of thousands of students.

During a Varonis risk assessment, Loyola gained visibility into the information housed on their network. They discovered large amounts of PII and PHI that had to be managed and secured immediately. Previously, Loyola staff would have needed to take manual steps to organize and protect this information. Automated tools from Varonis expedite the process while helping Loyola stay compliant with standards such as GLBA, PCI and FERPA.

According to Louise Finn, CIO at Loyola University, “The exfiltration of data is light speed. So having a tool that’s running in the background — always scanning and looking based upon behaviors that it’s absorbing — is such a win for us.”

Interested in getting your own free risk assessment? Sign up here.

Getting the Most Out of Data Transport Engine

Getting the Most Out of Data Transport Engine

If you don’t need it, get rid of it. If it’s sensitive, make sure sure it’s in the right place, and only accessible to those who need it. Old files are expensive and risky, which is why we have retention and disposition policies for what should happen to data that we don’t need anymore.

The Data Transport Engine (DTE) is a component of the Varonis Data Security Platform that lets you automate these kinds of policies at the file or folder level, so you can automatically move data to where it’s supposed to be.

How does it work?

DatAdvantage collects directory information (users and security groups from Active Directory and local accounts), file system permissions (access control lists, or ACLs), classification information on which files contain PII or other sensitive data, and a record of access activity by all users and service accounts. With all of this information, Varonis knows where your data is, who’s got access to it, which files might be sensitive, and exactly what’s being used (or not and by whom).

With DTE, you can create file and folder transportation rules based on this metadata, so DTE will move files from one location to another that match the rule. For example, you can automatically move files that haven’t been accessed (by a human being!) in more than seven years to meet your retention policy. You can also create rules based on content, so if someone puts something sensitive where it’s not supposed to be, like an open SharePoint site, a DTE rule could automatically put it some place safe.

What are some popular use cases?

Stale Data Cleanup

Setting up DTE to clean up old data is straightforward, and leaving stub files behind means that user can still have access to archived data if needed.

One customer had an interesting variation on this use case. They needed to archive a lot of data, but with one important exception: any financial records that met certain criteria couldn’t be moved or modified in any way because of a compliance issue. They used DTE to identify and move the special financial records to separate folders with a unique naming scheme. Then they created their automated retention policy with a clause to exclude those folders from the retention rule’s scope.

You can run stale data cleanup jobs manually with DTE or configure automated retention rules that constantly scan for data that is old enough to archive.

Data Classification Rules

Sensitive Data Migration

Your security policy might dictate where sensitive or regulated data should live (or where it shouldn’t) and who should have access to it (or who shouldn’t). Customer data with PII can’t live in folders open to everyone in the company, for example, or in personal drives. Since DTE rules can use the sensitive data scans from our Data Classification Framework (DCF), you can move sensitive files where they’re supposed to be.

One customer took this a step further and enhanced the DTE rule to modify the permissions of the files in transit. DTE rules can be set to modify permissions so the destination data is more secure than the source. In this case, the DTE rule was set so that once files get to the destination folder, file system permissions were overridden to inherit from the parent folder. This simplifies their security and helps make sure the right people have access once the data it moved.

What if someone drops a sensitive file somewhere by accident? Just like with stale data, you can set DTE rules that affect sensitive data to automatically quarantine them some place safe.

Classification Rules

Migrating Everything, Even Between Domains

Migrations and consolidations can be massive projects, like in the case with one large telecom customer we have who went from hundreds of individually-managed, remote Windows file servers down to just a few very large NAS devices. Instead of having to manually migrate each server to a NAS and then re-create all of the file system permissions in the destination domain, DTE managed the whole process automatically.

In this case, the movement rules were set up to re-permission the data at the destination NAS devices, too. This is important if your migration is between Active Directory domains, since if you don’t re-permission the data, no one will be able to access anything if the old domain goes away. DTE will re-create the groups in the new domain so you can automate that part of the process as well.

Want to set DTE rules up for yourself? Check out this how-to guide or video. If you’re not running DTE, contact us about lighting up a trial license so you can see how it works.

City of San Diego Uses the Varonis Data Security Platform to Defend Against...

City of San Diego Uses the Varonis Data Security Platform to Defend Against Half A Million Attacks Per Day

The City of San Diego provides city services to more than 1.3 million people who live and work in Southern California. To provide these services, the City operates 24 networks, about 40,000 endpoints spread across the county and 14,000 desktops in everything from police cars, trash trucks and city buildings.

In order to continue to defend against the half a million cyberattacks a day, including 10-15 ransomware assaults, the City realized they needed a solution that adequately addressed data level security: tracking who is accessing the data and what is being done with it.

After a careful evaluation, the City of San Diego chose to implement the data security platform from Varonis, which includes Data Classification FrameworkDatAdvantage for Windows and Directory Services and DatAlert solutions.

Varonis DatAlert helps the City identify and stop ransomware attacks, providing context about the extent of damage so the City can respond quickly and stop it from expanding across share drives and destroying folders.

The City also uses the Data Classification Framework and DatAdvantage for auditing and protection on 5 petabytes of data, many of which is old, untouched and duplicated. With the help of Varonis, they can identify the data they need for business operations and archive or remove unnecessary duplicates, freeing up almost 30% critical space and saving money.

Click here to read the full case study

Genesis Financial Solutions Takes Proactive Approach to Protect their Data

Genesis Financial Solutions Takes Proactive Approach to Protect their Data

Genesis Financial Solutions is a financial institution, lender and America’s largest source of second-look financing. They really understand how important it is to keep their data secure from insider threats and cyberattacks.

They were seeking a solution that would give them insight into their sensitive data and improve the effectiveness of their regulatory compliance. With ransomware on the rise, Genesis also wanted a way to quickly alert the IT staff to any unusual file access patterns.

Their search led them to Varonis. With their implementation of DatAdvantage and DatAlert now under their belt, Genesis keeps the sensitive data secure from theft and vulnerability.

Varonis DatAdvantage provides the company with a strong data ownership program, identifying sensitive data within minutes and determining who has and who should have access to it. Genesis acknowledged the ease of this process, noting the time saved and the fact that they did not have to enlist additional staff.

Genesis benefits from Varonis DatAlert’s ability to automatically detect when users are accessing files that diverge from their past histories. They currently have an alert configured to automatically spot unusual administrative access patterns – often a sign of an attacker at work.

Click here to read the full case study

Hugh Chatham Memorial Hospital Improves Their Data Security Posture with Va...

Hugh Chatham Memorial Hospital Improves Their Data Security Posture with Varonis

With more than a terabyte of network file shares to clean up, Hugh Chatham Memorial Hospital enlisted Varonis to help them protect against data breaches, increase security, and to prevent ransomware.

Not only did the hospital’s overall security posture improve with the implementation of the Data Classification Framework, DatAdvantage for Exchange and Windows, and DatAlert, it also freed up the IT department’s time spent on recovering data.

Lee Powe, CIO, Hugh Chatham Memorial Hospital said, “When I receive a compliance request for a report on a particular user and their file activity over a specific period of time, it takes me less than a minute to run. Before Varonis, it would have taken hours and hours going through log files to try and compile a user’s activity in relation to network file shares.”

Hugh Chatham Memorial Hospital can now easily identify who has access to which files, meeting one of many HIPAA requirements. Also with DatAlert, they can get alerts on unusual activity, spotting potential insider threat as well as ransomware.

Learn more about the success of this collaborative effort in the full case study.

American Health Insurance Plans Stay Secure With Varonis

American Health Insurance Plans Stay Secure With Varonis

For any organization in the health insurance industry, security is a top priority. American Health Insurance Plans (AHIP) understood the need to enforce security within its organizations in order to stay safe from insider threats. That’s when extensive search led to the implementation of Varonis Data Transport Engine, DatAdvantage, and DatAlert.

AHIP was formed in 2003 through the merger of two trade associations; Health Insurance Association of America (HIAA) and American Association of Health Plans (AAHP). Because of the merger, two large file servers needed to coincide and, as you can imagine, that’s a lot of permissions to deal with. Once Varonis Data Transport Engine was implemented, it was able to locate and move the sensitive data that had broader access left in place following the merger.

Click to read the full case study

Protecting Bridget Jones’s Baby

Protecting Bridget Jones’s Baby

In the wake of the Sony Pictures breach, studios are getting much smarter when it comes to data protection. A shining example is Miramax, a global film and television studio best known for its award-winning and original content such as 2016’s Bridget Jones’s Baby with Universal Pictures and Studio Canal.

Read the full case study ⟶

Miramax was looking for a solution that could monitor for insider threat and user behavior activity, and help classify its unstructured data for content discovery, remediation, and protection—that’s when implementation of Varonis DatAdvantage, DatAnswers, and Data Classification Framework all came into play.

Denise Evans, VP of Information Technology at Miramax mentioned, “Prior to implementing a least privilege model with Varonis, 40% of our files were overexposed when they didn’t need to be. This kind of exposure isn’t a problem until a  security breach occurs. Should there be a breach, we’re now able to quickly identify and target problem areas in a manner we weren’t previously able to do.” With the help of Varonis, Miramax was able to put in place a least privilege model, so that users only had access to the files they needed to do their jobs.

What’s also really compelling about this story is that Miramax is using our secure search product DatAnswers to enhance productivity. Miramax can now support eDiscovery requests and get very accurate search results that save the company time and money.

Click to read the full case study:

Varonis Connect Customer Conferences: Ready, Set, Go!

Varonis Connect Customer Conferences: Ready, Set, Go!

It’s that time of year again! We’ve kicked off our annual series of Varonis Connect events and due to high customer demand, we’ve doubled the number of events from 2015 to 2016 – we’re expecting twice as many customer attendees.

Varonis Connect events are free educational and networking conferences that we expect to draw more than one thousand IT leaders from across North America and Europe over the next few months to learn about our new product innovations and share experiences and success stories. Connect attendees will learn how to use our solutions for an increasing range of use cases, including data security, governance and compliance, user behavior analytics, archiving, search, and file synchronization and sharing. Our engineering and product teams will be on hand to provide attendees with personalized consultations.

Our customers tell us that they look forward to meeting with their peers across different industries to discuss best practices using Varonis solutions. We’re confident that customers will walk away from their local Varonis Connect event feeling  more knowledgeable about the different ways our solutions can help them protect data from insider threats and cyberattacks.

Through these events, our online community and regular communications to our worldwide customers, Varonis Connect is a continuous interactive commitment we make to the thousands of conscientious, forward-thinking IT professionals who rely on Varonis to keep their data secure.

Here’s the 2016 Connect Event Lineup:

United States & Canada:

  • April 12: Boston, MA
  • April 12: Charlotte, NC
  • April 19: Atlanta, GA
  • April 21: Washington, D.C.
  • May 10: Calgary, Alberta, Canada
  • May 11: Seattle, WA
  • May 12: Portland, OR
  • May 17: Tampa, FL
  • May 18: New York, NY
  • May 24: Chicago, IL
  • May 25: Cincinnati, OH


  • April 13: Milan, Italy
  • April 20: Amsterdam, Netherlands
  • April 21: Brussels, Belgium
  • April 28: London, England
  • May 3: Munich, Germany
  • May 10: Luxembourg
  • May 11: Paris, France
  • May 12: Geneva, Switzerland
  • May 18: Zurich, Switzerland

Varonis Connect 2016 is free and open to Varonis customers. If you would like to inquire about attending or would like to receive an invitation, please email

We look forward to seeing you!

Varonis Keeps Union Bank’s Data Safe from Insider Threats and External At...

Varonis Keeps Union Bank’s Data Safe from Insider Threats and External Attacks

Today we’re excited to share another interesting customer success story out of the UK. Union Bank UK PLC needed better visibility into the different types of sensitive data its employees were storing and accessing across its file systems. Regulatory requirements necessitated that the bank’s IT department regularly audit and report on who was accessing sensitive data, when and where, but they had no way of doing so efficiently. Also, with malware and ransomware on the rise, the bank needed a solution that could quickly alert the IT staff to unusual file access behavior such as rapid encryption of files stored on its servers.

The search led Union Bank’s IT team to our DatAdvantage and DatAlert solutions. Union Bank’s IT team is now alerted in real-time to any breach of its file systems, and they’re able to put control over file access in the hands of data owners, eliminating much of the burden previously placed on their team. They are also able to keep an eye on access privileges and ensure that no one is getting access to data that they do not need.

  • DatAdvantage makes it easy to see and report on who can access, and who does access data in the bank’s Windows, Exchange, and Active Directory environments by tracking and monitoring file activity.
  • Union Bank can intelligently identify who owns which data, and can alert on unusual activity through DatAlert, which uses user behavior analytics to spot insider threats like abusive administrators, ransomware, compromised accounts, and rogue employees.
  • Keeping files secure when employees leave the company was another important capability identified by Union Bank. Varonis allows the bank to monitor and baseline employees’ access profiles and detect if files are unusually accessed prior to their departure.

David Pennant, an IT Manager at Union Bank told us, “Before Varonis we had no real view of what was happening on the file servers or changes happening on a day-to-day basis. We can’t afford to spend a large amount of time sifting through logs – we need to stay focused on day-to-day tasks and therefore needed a more efficient approach. It was obvious straight away that Varonis could give us the automated, efficient approach we were looking for. Thanks to Varonis, IT now has better insight into the bank’s data, and that of course reduces security risk, which is something which you can’t always put a price on.”

Varonis Risk Assessments quickly show you where your most vulnerable data is stored, who is accessing it, and what needs to be done to secure it.  Learn more here.

Varonis Gives Havas Media a DatAdvantage Over Its Competition

Varonis Gives Havas Media a DatAdvantage Over Its Competition

When multiple media companies were merged under the Havas Media Group brand, John Clark, group network manager, quickly realized that distinguishing the permissions for the various companies’ data wasn’t going to be an easy task.

To help manage the transition effectively and securely, he needed a solution that could provide:

  • Visibility into user and group permissions
  • Easy control over data access and permissions
  • Ensure data security

After implementing Varonis DatAdvantage for Windows – in less than half a day – Havas Media significantly reduced the time it takes for the IT team to find out who is accessing, using, and deleting information from its Windows environments. Having DatAdvantage in place has helped improve security, decrease the time it takes to conduct internal audits and create reports, and gives Havas Media clients peace of mind that their data is secure.

Other benefits include:

Reduced possibility of insider threats: With a growing number of high profile brands on its client roster, Havas needed to be prepared to prove that its data is secure.

According to Clark, “With Varonis, we can prove internally and to our clients who has touched which data, and that people don’t have access to data to which they shouldn’t have access. Varonis has not only helped us to automate the permissions process while giving our clients peace of mind that their data is safe, it’s also resulted in an advantage over the competition when we pitch new clients.”

Better control and simplified management: With data spanning newly merged companies, Havas Media needed to accelerate data assessments and user data access management and ensure on an ongoing basis that only the right employees have access to the appropriate client data.

“Varonis DatAdvantage helped us get rid of the chaos, or what could have been chaos, that comes with figuring out permissions when companies are acquired under a new brand. Varonis helped make the transition much smoother,” explained Clark. “In IT, it’s a common problem to deal with permissions that seem correct, but don’t filter down properly, so you get a lot of helpdesk calls from users who can’t access what they think they should be able to. Varonis’ ability to find inconsistencies using visual indicators has been a huge help and errors have been greatly reduced.”

Looking Ahead

Clark also pointed out that the company has plans to move at least 80% of its infrastructure to the cloud. With so much unstructured data moving around and placed in different environments, Clark realized that it would be “hard to find and even harder to police,” however, with help from DatAdvantage, he and his team are confident the transition will be much easier.

“Changing security privileges on large amounts of unstructured data can cause all sorts of havoc, especially if a mistake is made. But being able to avoid mistakes by testing changes before implementing them obviously causes less stress on the company, especially the IT department. Varonis DatAdvantage has been very good at helping us do this.”

“I am very pleased with Varonis DatAdvantage, and hope to plant seeds that will grow from acorns to oaks when it comes to implementing other products in the Varonis suite,” concluded Clark.

Read the complete Havas Media case study here.

Varonis Risk Assessments quickly show you where your most vulnerable data is stored, who is accessing it, and what needs to be done to secure it. Find out more here.