bring your own servicecloud explosion • public$cloud$file$sharing$has$exploded$ •...
TRANSCRIPT
![Page 1: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/1.jpg)
Bring Your Own Service The Effects of Cloud Services on Compliance and Data Protec:on
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 2: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/2.jpg)
Cloud Explosion
• Public cloud file sharing has exploded • As of November 2012, Dropbox claimed to have 100,000,000 customers
Page 2
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 3: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/3.jpg)
Hey boss, can I use Dropbox?
Page 3
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 4: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/4.jpg)
Why not?
• Risk • Control • Complexity
Page 4
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 5: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/5.jpg)
Too bad! We’re doing it anyway
1 in 5 Employees use Dropbox for work!
Page 5
© 2013 Varonis Systems. Proprietary and confidential. !
Source: Nasuni http://www6.nasuni.com/shadow-it-2012.html
![Page 6: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/6.jpg)
What can we do about it?
• Given what end-‐users want: ! Simplicity
! Accessibility ! Mobile support
• And what organiza:ons need: ! Control
! Compliance ! Security
Page 6
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 7: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/7.jpg)
Page 7
© 2013 Varonis Systems. Proprietary and confidential. !
What are the options?
![Page 8: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/8.jpg)
Every business is different
Page 8
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 9: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/9.jpg)
Page 9
© 2013 Varonis Systems. Proprietary and confidential. !
To the cloud!
![Page 10: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/10.jpg)
How does this affect data protection?
• You’re s:ll responsible according to the Informa:on Commissioner’s Office (ICO) • Unless you are geVng rid of all internally stored data, you’ll need to extend your controls and processes: ! Backup & recovery ! En>tlement reviews
! Classifica>on ! Reten>on ! Access audi>ng
! Change control Page 10
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 11: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/11.jpg)
What about compliance?
• Will vary by country • Regula:ons can be complicated:
! EU – 1995 Data Protec>on Direc>ve (DPD) provides framework for separate laws in EU member na>ons − In 2012 , EU introduced a revision to DPD to make laws more uniform – e.g., personal data iden:fiers vary by na:on – and placed under single authority.
! US – Personal data protec>on spread across different agencies (SEC, FTC, & HHS) and based on different legisla>on. Some key ones: − HIPAA, FCRA (Fair Credit Report Act), Gramm-‐Leach-‐Bliley, COPPA, Sarbanes-‐Oxley.
Page 11
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 12: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/12.jpg)
Key strategic decisions
• Which data are we moving? All, some, most? • How do we select the data we’re going to move? • Do we keep a duplicate copy inhouse? • If so, which is the master copy? • How do internal users synchronize with external users? • How do we get the data back out of the cloud? • How do we ensure compliance if we can’t monitor access?
Page 12
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 13: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/13.jpg)
5 phase process to ensure cloud readiness
• Enable Audit Trail • Inventory Permissions Profile Data Use & Authoriza>on Structure
• Classify and Tag Sensi:ve, High Profile Data Iden>fy Cri>cal Data
• Global Access Groups • Excessive Group Membership Reduce Excess Access
• Perform En:tlement Reviews • Formalize and Enforce Exis:ng Processes
Iden>fy Key Users & Owners
• Authoriza:on • Recer:fica:on • Handling Policies for Sensi:ve Data
Define & Implement DG Policies
© 2013 Varonis Systems. Proprietary and confidential. !Page 13
Risk
![Page 14: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/14.jpg)
Page 14
© 2013 Varonis Systems. Proprietary and confidential. !
Extend your existing infrastructure
![Page 15: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/15.jpg)
69% want to keep data inhouse
Page 15
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 16: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/16.jpg)
Why is that?
Page 16
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 17: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/17.jpg)
What to look for in a solution
• Do I have to move my data? • Can I use my exis:ng Ac:ve Directory users/groups? • Do I have to re-‐permission data? • Can I quickly iden:fy who has access to what? • Can I monitor and audit who is touching data? • Can I detect when sensi:ve data is being synchronized? • Can I safely make changes to permissions?
Page 17
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 18: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/18.jpg)
Varonis DatAnywhere
Provide cloud usability using only exis:ng infrastructure: • There’s a folder • You put stuff in it • It syncs…
! With your exis-ng storage (NAS, file servers, SharePoint)
! Using Ac-ve Directory creden-als ! Using your exis-ng file system permissions
Page 18
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 19: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/19.jpg)
Step 1: Login
Login with your domain creden:als (Ac:ve Directory) and/or mul:-‐factor authen:ca:on
Page 19
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 20: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/20.jpg)
Step 2: Collaborate
Your sync’d folders appear in explorer Changes sync to your CIFS servers
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 21: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/21.jpg)
See Sync Speeds and Notifications
Page 21
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 22: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/22.jpg)
Mobile Apps
Page 22
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 23: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/23.jpg)
Right click for instant Extra-net
Page 23
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 24: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/24.jpg)
Secure Collaboration with 3rd Parties
Set Permissions and Expira:on dates Share with partners, customers, vendors, and clients
Page 24
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 25: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/25.jpg)
Integrates with Data Governance Suite
• Use DatAdvantage to manage permissions • Use DataPrivilege to automate authoriza:on • DatAnywhere ac:vity is recorded by DatAdvantage
Page 25
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 26: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/26.jpg)
Governance Suite – Real World Example:
Data owners can review DatAnywhere ac:vity just as they would for any normal file share.
Page 26
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 27: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/27.jpg)
Windows
Mac
Smart
Phone
Tablet
DatAnywhere Client
DN Edge server
Sync Manager
Sync Worker
Sync Worker
DN Edge server
Client authoriza:on
DatAnywhere Architecture
Windows File Systems
UNIX/ Linux
NAS
MS Ac>ve Directory
Sync Manager
CIFS/NFS HTTPS
![Page 28: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/28.jpg)
Sample Deployment
Page 28
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 29: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/29.jpg)
Summary
• Cloud-‐style sharing and BYOD may be inevitable • Organiza:ons must choose a direc:on before the employees choose one for them • Organiza:ons have a choice between moving data to the cloud, or extending their exis:ng infrastructure to provide cloud-‐style capabili:es in-‐house • Whichever direc:on your organiza:on chooses, governance will be instrumental for secure collabora:on
Page 29
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 30: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/30.jpg)
One more thing…
• Do any of these ques:ons look familiar? ! Who has and should have access to which folders? ! What folders does a user/group have access to? ! Who uses all this data & what are they doing? ! Who does it belong to? ! What’s stale? ! What’s sensi>ve? And exposed?
• Are your authoriza:on processes manual? ! Gran>ng access? ! Reviewing access?
• Are reten:on and migra:on projects manual? ! New NAS? New Domain? Cross pla`orm? ! How do we find the data we’re supposed to move? Delete?
Page 30
© 2013 Varonis Systems. Proprietary and confidential. !
![Page 31: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/31.jpg)
Varonis Solutions for Human Generated Content
Page 31
© 2013 Varonis Systems. Proprietary and confidential. !
Governance, Risk, & Compliance
Accessibility & Collabora:on
Electronic Reten:on
Ensures that only the right people has access to the right data at all times, access is monitored and abuse is flagged
Extends existing infrastructure to provide private cloud file synchronization and sharing, while ensuring all data remains within the organization, and existing permissions are enforced.
Intelligently automates data disposition , archiving and migration process using the intelligence of the Varonis Metadata Framework
• DatAdvantage • DataPrivilege • IDU Classification
Framework
![Page 32: Bring Your Own ServiceCloud Explosion • Public$cloud$file$sharing$has$exploded$ • As$of$November$2012,$Dropbox$claimed$to$have$ 100,000,000$customers$ Page 2 © 2013 …](https://reader034.vdocuments.net/reader034/viewer/2022050302/5f6b87dee9287500b720f54c/html5/thumbnails/32.jpg)
Page 32
© 2013 Varonis Systems. Proprietary and confidential. !
Thank you!