Challenges
Securing PII, PCI, GDPR, CCPA, and other sensitive information
As a financial services firm, one Varonis client (anonymous by request) is responsible for protecting a host of sensitive
data, including non-public research, financial transaction records, client information, and employee information (PII,
PCI, etc.).
According to the company’s Senior Data Analyst, the firm needed an efficient way to locate and identify sensitive data in their on-premises servers. That led them to Varonis.
As a global company, the firm is also responsible for ensuring compliance with all current and future data
privacy regulations, including the California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDPR).
The Senior Data Analyst was also concerned with risk remediation. Insider and outsider breaches had cost other companies untold brand damage and resulted in significant intellectual property loss. To avoid the same fate, this firm needed more visibility into
where it was exposed and the ability to lock down global group access.
But the Data Analyst had no idea how widespread the issue actually was until a Data Risk Assessment revealed that 86% of the firm’s sensitive folders, including almost 50,000 files, were open to everyone.
Solution
Increased visibility and control into their on-prem environment
With widespread overexposure, the global financial firm needed swift and demonstrable remediation. Four Varonis products helped them lock down their servers and fortify their cybersecurity.
1. DatAdvantage for Windows, Exchange, and Directory Services supports the firm’s on-prem data stores and email. It automatically maps who is able to access sensitive data, who is actually accessing sensitive data, and areas where overexposure has left them vulnerable to a data breach.
2. Data Classification Engine enables them to work toward their primary goals: data inventorying and privacy remediation. With Data Classification Engine automatically scanning and classifying data, the burden of remembering where data lives no longer rests with individual users and group managers.
3. Data Classification Policy Pack enhances data classification via a vast library of pre-built rules and patterns. By automatically enforcing data privacy standards laid out by regulations such as GDPR and CCPA, Policy Pack streamlines compliance efforts.
4. DatAlert Suite provides real-time monitoring and alerting of all critical systems. The firm is now exploring Splunk integration, which will allow them to query and correlate Varonis alerts using Splunk Enterprise.
Results
86% Decrease in sensitive folders with open access within the first four months
With full visibility into where sensitive information was exposed and more insight into the steps necessary for risk reduction, the Senior Data Analyst was able to take decisive remedial action.
In just four months, the firm’s data analysis team used Varonis to restrict access to over 35,000 files containing sensitive information. All in all, they decreased the number of sensitive folders with open access by 86%.
According to the Senior Data Analyst, Varonis has helped the firm substantially decrease its attack surface and improve its approach to compliance—all while saving an astronomical amount of time.
Looking ahead, the firm is planning to move some of their data into the Microsoft 365 environment. In preparation for that move, they’re already evaluating other Varonis products, such as DataPrivilege and Automation Engine, which will support their move to the cloud.