Varonis Platform Reviews

The primary use case for Varonis Platform is data discovery, specifically for discovering sensitive data in our organization to protect it. We are looking for a solution that can scan our repositories to identify sensitive data and classify it as restricted or confidential based on our information security policy. 

Additionally, we are considering its use for data security and risk assessment and managing and monitoring user activities and access permissions.

Varonis offers robust data access governance, allowing us to understand which sensitive data exists and who has access to it. It also allows us to manage access permissions. It is effective in threat management, discovery, classification, access integration, and access governance. 

Varonis is excellent for scanning unstructured data sources like file shares, OneDrive, SharePoint, Azure Blob Storage, and S3s.

The most valuable feature, in my opinion, is that it serves as a central repository where you can see all of your file servers from the GUI. There are two interfaces: the web version and the graphical user interface (GUI) available on local machines.

Another valuable feature is the ability to easily apply restrictions through Varonis, without having to manually configure permissions on individual servers. You can remotely register, block, or enable server or file permissions from one central location. This can be done in bulk as well. 

I also appreciate the reporting feature, which allows for the extraction of various reports based on specific needs. These reports can be used for audit purposes, such as tracking changes in file locations or deletions.

Additionally, Varonis offers data classification capabilities. You can manually create classifications and categorize data accordingly. After a short processing time, you have visibility into where specific types of data are located.

There are many other aspects of Varonis worth mentioning, as I learn something new about it every day. However, I have now transitioned to the Microsoft platform and primarily work with Power BI, so my Varonis usage is limited these days.

One area for improvement is the calculation engine. When applying rules in Varonis, especially for large datasets (terabytes of data), the calculations can be slow and require time to process. Speeding up this process would be beneficial.

Additionally, although Varonis is considered an IAM tool, it also plays a role in data security. Introducing DLP (Data Loss Prevention) capabilities within Varonis would be a valuable addition. While there are ways to implement DLP within the platform, integrating it more tightly would provide greater flexibility for analysts to manage data, set restrictions, and define policies directly within Varonis.

It includes activity monitoring, sensitive data threat detection, and discovery, all of which fall under the 10101 Umbrella. Additionally, because of unstructured data, there's overexposed access.

We use the tools that come with it, such as data classification and real-time active alerting.

We're in the process of maturing the incident response for our team. We're transitioning from on-prem to the cloud and are now evaluating it for the cloud as well as Defender for Cloud and all of its components. So, we're doing a comparison of that.

We use it to manage storage systems. We can see who changes file names, folder names, deletes files, removes or adds permissions.

We can check modify permissions and file removals, and connect the Varonis Data Security Platform to our storage systems like NetApp.

When we add a filer to Varonis, there's a policy that automatically connects the SVM or CIFS shares. That's good. We can automatically add these without changes.

We can easily check logs and find out who modified a file or folder.

We use the solution for data loss prevention. The tool scans Google Drive documents to ensure nothing is overshared.

The solution ensures that users have not accidentally shared sensitive information with the wrong people or too many people. It monitors whether users have mistakenly shared something with an external party, the entire organization, or their personal Google account.

Customers use the product to identify sensitive information, correlate it with access permissions, and utilize its automation engine for remediation. It includes fixing broken permissions and managing global access. In healthcare settings, the data privilege module allows for implementing the least privilege and simplifies permission management. It also provides effective data alerting and reporting for both on-premises and cloud environments like Microsoft 365.

The solution's areas of improvement are the interface and the dependency on on-premises deployment for some components. 

The interface has improved with the move to a SaaS model, but aspects could still be modernized. Additionally, some elements, like the data privilege module, still require on-premises deployment.

We use the product for auditing, and keeping track of shares. It ensures proper access control and monitors file creation, access by relevant users, and productivity analytics.

The solution has significantly improved data security and compliance posture by allowing us to track and monitor activities. We can see who accesses data and when files are created and understand what's happening in our environment.

We are primarily using the DatAdvantage feature, which is accessed through the web UI and DNS tools. This has been quite helpful for us. While we don't have licenses for other features at the moment. We are getting a POC to evaluate further.

It provides visibility into file access, allowing identification of unauthorized access. The cloud feature helps assess data exposure and recommends changes to secure data, preventing overexposure to the public. We are interested in the key feature that prevents overexposure, making sure that only authorized individuals have access. 

Having a centralized platform provides visibility, which proves beneficial given our constraints with a smaller team.

We use the solution to provide safer access to the new user, and provide remediate access to the user.

The most important feature is remediation. In remediation support, there is no group permission. We'll go ahead and remediate the access from the Dell folder to the parent folder.