The City of Buffalo in New York state is using Varonis DatAdvantage to manage and audit its access activity. Using DatAdvantage, City of Buffalo can look internally to see what is happening with unstructured data stored within its network. DatAdvantage captures, aggregates, normalizes, and analyzes permissions and every file access event, such as open, move, delete, etc., for every user allowing City of Buffalo to answer the otherwise impossible questions of who is accessing which folder, what data they can see, who has deleted a file and where did a file go.
City of Buffalo’s utilization of DatAdvantage has been likened by city personnel as similar to an insurance policy, much like that of car or building insurance, in that you rarely contemplate having it until it’s needed, and then its importance is evident. This was tested recently following two incidences of files mysteriously disappearing. Using the solution, city IT personnel determined exactly what had happened and, even more importantly, that a genuine mistake had been made and the action was not malicious. “In a very practical sense it eased our concerns as we were able to determine that those deletions weren’t malicious which simply would not have been possible previously. That’s a real time practical use that we’ve put to the product.”
City of Buffalo personnel are also using DatAdvantage to organize and codify legacy user account permissions that were associated with network resources prior to the current process for assignment via Active Directory network security groups. Some areas of the City of Buffalo’s Active Directory were a “bit of a basement,” since using DatAdvantage, the IT department has turned those undocumented areas into a very effective, efficient and intuitive warehouse. “The thing with Varonis is it gives you that stand off capability but then allows you to almost instantly come in and work to a fine gradient of detail that, without it, would take hours and hours.”
Moving forward, the City of Buffalo will perform the same inspection, review and editing of access permissions throughout the entire enterprise, empowering the organization to perform surveillance and quality control over what’s coming in and going out.
Varonis DatAdvantage addresses and aggregates Active Directory user and group details, ACL information and all data access events—without requiring native OS auditing—to build a complete picture of who can and who is accessing data, and who should have their access revoked.
Varonis can also lead IT to rightful data owners, so the right people can ensure appropriate access and usage. The Varonis IDU Classification framework enables IT to immediately identify folders with excessive permissions that also contain quantities of sensitive data.
The City of Buffalo must operate under many of the same constraints as other institutions, where finite resources such as time, number of staff and funding and all are working “to manage the tyranny of the urgent." “The nice aspect of the product moving forwards is that all institutions, whether they are private or governmental, tend to hoard legacy credentials with the ability to access files which have been dragged along with the organization for years. To be able to quickly and efficiently find a full list of individuals assigned inappropriate levels of access and quickly and efficiently find resources that have not been accessed in years and are no longer relevant to business operations, will help us work through any remaining issues of inefficient data storage and legacy access and clean those issues up.”