VARONIS CASE STUDY. Philip Morris International (PMI)



Similar documents
VARONIS CASE STUDY. Greenhill & Co.

VARONIS CASE STUDY. Fresenius Netcare

VARONIS CASE STUDY. HIT Entertainment

VARONIS CASE STUDY. Arnold Worldwide

VARONIS WHITEPAPER Next Generation Enterprise Search

VARONIS CASE STUDY THE HAGADONE CORPORATION

VARONIS CASE STUDY University of Liverpool

VARONIS CASE STUDY. Matanuska Telephone Association (MTA)

VARONIS CASE STUDY. Heemskerk Municipality

VARONIS WHITEPAPER. Mastering the Information Explosion

VARONIS CASE STUDY Children's Hospital of Wisconsin

VARONIS WHITEPAPER. 11 Things IT Should be Doing (But Isn t)

T E TMcDonough@AInfoSys.com W VARONIS DATA GOVERNANCE SUITE

T E elite@elitetele.com W VARONIS VARONIS DATAPRIVILEGE DATAPRIVILEGE. DataPrivilege

10 Things IT Should be Doing (But Isn t)

VARONIS WHITEPAPER. PCI DSS for IT Pros and Other Humans

VARONIS CASE STUDY. Analysys Mason. Analysys Mason

Managing Unstructured Data: 10 Key Requirements

Accelerating Audits with Automation: Who s Accessing Your Unstructured Data?

Contents of This Paper

Varonis: Secure Enterprise Collaboration and File Sharing Date: June 2015 Author: Terri McClure, Senior Analyst; and Leah Matuson, Research Analyst

How Varonis Can Help With Efforts Toward Sarbanes-Oxley Compliance

This Webcast Will Begin Shortly

HIPAA Compliance and Varonis

The Business Case for Data Governance

RecordPoint Overview

Global Headquarters: 5 Speen Street Framingham, MA USA P F

SMART Considerations for Active Directory Migration. A Strategic View and Best Practices for Migrating the Corporate Directory

Top 5 reasons to choose HP Information Archiving

Varonis Systems & The Payment Card Industry Data Security Standard (PCI DSS)

10 Building Blocks for Securing File Data

DocAve Software Platform

LuxCloud uses Tata Communications Managed Services to build its cloud services platform for the Asia Pacific market

The Microsoft Enterprise Project Management System

Tagetik 4 Enabled By Microsoft SharePoint

Vendor Risk Management

Intelligent document management for the legal industry

How To Migrate From Eroom To Sharepoint From Your Computer To Your Computer

Outline SSS Configuring and Troubleshooting Windows Server 2008 Active Directory

Market comparison: sales and distribution of travel insurance and the growth of bancassurance

Top 5 reasons to choose HP Information Archiving

Building a Successful Strategy To Manage Data Growth

Accenture Software. Accenture Insurance Data Migration Factory. Achieving high performance through industrialized data migration

Cloud Services for Connected Government (CSfM) Ground to Cloud Summit

Data Sheet: Archiving Symantec Enterprise Vault for Microsoft Exchange Store, Manage, and Discover Critical Business Information

Control and management of privileged users

MarkLogic Enterprise Data Layer

ECM Migration Without Disrupting Your Business: Seven Steps to Effectively Move Your Documents

BIRT Performance Scorecard Root Cause Analysis and Data Visualization The Path to Higher Performance

Fundamentals of Continuous Integration

Hitachi Cloud Service for Content Archiving. Delivered by Hitachi Data Systems

Displaying an innovative approach towards port management

Software Solutions. Microsoft Dynamics CRM. SoftASA Business Software. masventa Business GmbH Von-Blanckart-Str Alsdorf

Masterminding Data Governance

Keeping Tabs on the Top 5 Critical Changes in Active Directory with Netwrix Auditor

Big Data at Cloud Scale

University of Strathclyde: Information Services Directorate Operational Plan for 2014/15

Symantec Enterprise Vault for Microsoft Exchange

Domestic & General deliver a new IBM WebSphere Application Server Environment at speed using RapidDeploy for Application Deployment

Data Sheet: Archiving Symantec Enterprise Vault for Microsoft Exchange Store, Manage, and Discover Critical Business Information

Protective Marking for UK Government

Entitlements Access Management for Software Developers

MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST

Admiral Markets. ID Verification solution: Overview. Case Study

10 steps for a smooth migration to Office 365. A decision-maker s guide

Real-Time Security Intelligence for Greater Visibility and Information-Asset Protection

How to Secure Your SharePoint Deployment

Managing Open Source Code Best Practices

Build a Streamlined Data Refinery. An enterprise solution for blended data that is governed, analytics-ready, and on-demand

CONTRACT LIFECYCLE MANAGEMENT. Streamline organizational processes and save resources

W H I T E P A P E R E X E C U T I V E S U M M AR Y S I T U AT I O N O V E R V I E W. Sponsored by: EMC Corporation. Laura DuBois May 2010

SharePoint Unlimited... or how to deal with the explosive growth of unstructured data in SharePoint in a secure and transparent manner.

E-Seminar. Financial Management Internet Business Solution Seminar

WMD - Workflow Management & Document Consulting

Sickness absence: This document could save you over 100,000

Document and Quality Management Solutions for Life Sciences

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Brochure. ECM without borders. HP Enterprise Content Management (ECM)

Data Sheet: Archiving Symantec Enterprise Vault Discovery Accelerator Accelerate e-discovery and simplify review

A TECHNICAL WHITE PAPER ATTUNITY VISIBILITY

Enterprise Adaptive Network Service

COMPLETE COMPUTING, INC.

IT & Asset Management Quick-Start Consulting Services for Clients

Symantec Enterprise Vault for Microsoft Exchange

Cloud Security Introduction and Overview

How To Configure An Active Directory Domain Services

White Paper: Migrating to the Cloud

Marathon Information Management Program

Product Financial Control Solutions Spreadsheet Workbench

Ball Corporation. Situation. Ball Corporation strengthens global account management by using CRM in the cloud

Informatica PowerCenter The Foundation of Enterprise Data Integration

REGULATORY INFORMATION INSTANTLY ACCESS

Veritas Enterprise Vault for Microsoft Exchange Server

Performance Testing and Functional Automation Specialist Cloud Services

Transcription:

VARONIS CASE STUDY

We chose Varonis following standard procurement processes in our company as well as technical evaluations within our IT lab. The technical evaluations were very important to determine that the software had the necessary functional and technical capabilities to provide us with a central access control reporting and monitoring solution that would be sufficiently scalable for the size of our company and our project needs...what we have now is unprecedented visibility into who has access to which information. Jan Billiet, Director of IS Security and Risk Management 2

THE CUSTOMER LOCATION New York, USA INDUSTRY Consumer Goods Philip Morris International, or PMI in short, is the leading international tobacco company, with products sold in approximately 180 countries. 3

THE CHALLENGE PMI wanted global visibility and easier access to the growing amount of access control information replicating within and across Active Directory, SharePoint, and file server installations. PMI recognized that tools available prior to this program were not satisfactory and that a proper solution had to be found to complement its global identity management system which primarily deals with protection of structured information. The company did not just want to install software - it wanted to implement a strategic solution with well-defined use cases, documentation and service level agreements. EVALUATION PARAMETERS PMI created a plan to move away from their legacy systems and practices for reviewing group and individual access to selected data sets. Their plan involves implementing a more systematic approach to appointing data owners and engaging them more efficiently in entitlement reviews. Jan Billiet, Director of IS Security and Risk Management, explains, Overall we realized that available solutions, either packaged or custom developed, were not sufficient in helping us with the review of access permissions in Active Directory and file servers. And they could not keep up with the growth of the data and the complexity of these access permissions. 4

THE SOLUTION To this end, PMI initiated a program which it calls EPICS (Enhanced Protection of Important Information and Collaboration Systems). EPICS uses Varonis software to provide an overview of all user access control information maintained in Active Directory. PMI also installed DatAdvantage for SharePoint and DatAdvantage for Windows, as part of a strategy to achieve overall visibility across the company of who has access to what information on Active Directory, SharePoint and file servers. A centralised solution was planned and built around use cases which PMI drew up during the planning stage. Examples of use cases implemented include: Identifying which objects (e.g. shared folders) relating to important company information should be subject to scheduled reporting and/or ongoing monitoring Reviewing group memberships, e.g. for Active Directory groups granting Server Administrator privileges Reviewing file server permissions Reviewing sftp permissions Removing inactive accounts Reviewing user activity on file servers Verifying segregation of duties within IT functions Reviewing accounts not managed by the company s identity management system Requesting ad hoc reports The company wanted to support in a standardized way execution of Active Directory and file server related base-line security controls, while being able to move away from legacy tools and practices around review of group or individual access to selected data sets so as to more systematically appoint data owners and engage them efficiently in such reviews. It was also important to implement a system that could provide over time the capability to extend the reporting and monitoring of access control permissions with technology for more centralized access control administration and coordination of entitlement reviews. The EPICS infrastructure and service covers access control information of more than 50,000 users in 48 countries, 2+ million Active Directory relationships, and 7 million folders in SharePoint and file servers spread over 80+ servers in Europe, Asia and Latin America. The deployment of DatAdvantage took approximately one year, in line with project goals. Since the release of the EPICS service, 20,000 reports are generated for the company s 50+ information security personnel giving them regular and detailed information about how access control list information is defined, maintained and reviewed. The company continues to make progress in developing EPICS, for example through development of new use cases. Next steps include a pilot of Varonis DataPrivilege solution to manage better entitlement reviews, automate data owner involvement in the authorisation process and further ensure that data owners and service providers adhere to corporate requirements. 5

BUSINESS BENEFITS GLOBAL VISIBILITY OF ACTIVE DIRECTORY, FILE SERVER AND SHAREPOINT PERMISSIONS FROM A SINGLE INFRASTRUCTURE EPICS uses Varonis software DatAdvantage for SharePoint and DatAdvantage for Windows as part of its strategy to enhance overall visibility across the company of who has access to what information on Active Directory, SharePoint and file servers. QUANTIFY ACCESS CONTROL CHALLENGES AND DRIVE INITIATIVES AROUND ACTIVE DIRECTORY HYGIENE The IT department leverages the metadata produced by this implementation, to drive quality and consistency in this important security domain as well as raise awareness within IT and business stakeholders for other initiatives around access control. IDENTIFY AND REMEDIATE EXCESSIVE PRIVILEGED ACCESS TO SERVERS The metadata intelligence collected by Varonis DatAdvantage enables PMI to investigate permission administration inconsistencies, engage data owners more in the review of access to important company information, and increase opportunities for access control automation. 6

ABOUT VARONIS Varonis is the leading provider of software solutions for unstructured, human-generated enterprise data. Varonis provides an innovative software platform that allows enterprises to map, analyze, manage and migrate their unstructured data. Varonis specializes in human-generated data, a type of unstructured data that includes an enterprise s spreadsheets, word processing documents, presentations, audio files, video files, emails, text messages and any other data created by employees. This data often contains an enterprise s financial information, product plans, strategic initiatives, intellectual property and numerous other forms of vital information. IT and business personnel deploy Varonis software for a variety of use cases, including data governance, data security, archiving, file synchronization, enhanced mobile data accessibility and information collaboration. Free 30-day assessment: WITHIN HOURS OF INSTALLATION You can instantly conduct a permissions audit: File and folder access permissions and how those map to specific users and groups. You can even generate reports. WITHIN A DAY OF INSTALLATION Varonis DatAdvantage will begin to show you which users are accessing the data, and how. WITHIN 3 WEEKS OF INSTALLATION Varonis DatAdvantage will actually make highly reliable recommendations about how to limit access to files and folders to just those users who need it for their jobs. WORLDWIDE HEADQUARTERS 1250 Broadway, 31st Floor, New York, NY 10001 T 877-292-8767 E sales@varonis.com W www.varonis.com UNITED KINGDOM AND IRELAND Varonis UK Ltd., Warnford Court, 29 Throgmorton Street, London, UK EC2N 2AT T +44 0207 947 4160 E sales-uk@varonis.com W www.varonis.com WESTERN EUROPE Varonis France SAS, 13-15 rue Jean Jaures (1er Etage) 92800 Puteaux T +33 184 88 56 00 E sales-france@varonis.com W sites.varonis.com/fr GERMANY, AUSTRIA AND SWITZERLAND Varonis Deutschland GmbH, Welserstrasse 88, 90489 Nürnberg T +49(0) 911 8937 1111 E sales-germany@varonis.com W sites.varonis.com/de 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information