Varonis is helping The MENTOR Network to manage its data access without draining IT resources. The human services institution increasingly found identifying data owners and maintaining ownership integrity difficult, especially with a fluid user base as people moved roles and joined the organisation. To address this it is using Varonis DatAdvantage for Windows, Varonis DataPrivilege and Varonis IDU Classification Framework to effectively and efficiently manage access control and data management, as part of its data governance program. Even having doubled its user base in five years, the Varonis suite has enabled The Network to keep the same staffing level within its IT Team, who are providing a much better service to twice as many users.
The MENTOR Network is a national diversified network offering an array of quality, innovative services to adults and children with intellectual and developmental disabilities, brain and spinal cord injuries and other catastrophic injuries and illnesses. It also supports and helps youths with emotional, behavioural and medically complex challenges as well as their families. Shaun Fernandez, its Senior Director for Infrastructure and Technology Services said, “We started with some lab work using Varonis DatAdvantage to test unstructured data that we’d created. The results were impressive as the tool was one of the most powerful we had seen - in terms of the level of detail and control over the data that we could have. The decision was a simple one and we went down the path pretty quickly. This level of information improves our ability to respond to panics, return securities to our data and identify stagnant files.”
The Varonis Suite enables the network to efficiently identify data owners, even with its fluid user base of people moving roles and joining the organisation, making it simple to maintain ownership integrity. Program managers have responsibility for all access requests, which they manage themselves through a self-service portal, making the process efficient relieving the burden on its IT team. If someone accidentally moves a share out of a controlled area into another it can quickly identify the risk and tighten up control. In addition, it can now find the needle in a haystack in five minutes when someone accidentally moves or deletes a file. When it needs to provide reports on access, for example as part of a SOX audit, it can now easily fulfil these requests on the access controls it has in place.
Using Varonis DatAdvantage The Network can aggregate its Active Directory user and group details, ACL information and all data access events—without requiring native OS auditing—to build a complete picture of who can and who is accessing data, and who should have their access revoked. It leads IT to rightful data owners, so the right people can ensure appropriate access and usage.
The Varonis IDU Classification Framework gives The Network visibility into the content of its data, providing intelligence on where sensitive data resides across its file systems. By integrating file classification information – from either the included classification engine or from a third-party classification product – alongside the rest of the Varonis metadata in the DatAdvantage interface, IDU Classification Framework enables actionable intelligence for data governance, including a prioritised report of those folders with the most exposed permissions AND containing the most sensitive data.
The Network added DataPrivilege into the program to automate data governance by providing a framework for users and data owners to be directly involved in the access review and authorisation workflows. A configurable web interface for data owners, business users, and IT administrators automates data access requests, owner and IT authorisation of changes, automated entitlement reviews, and business data policy automation (e.g. ethical walls). A complete audit trail ensures that data governance policies are in place and being adhered to.