Options, global provider of infrastructure as a service (IaaS) products to the financial services sector, has chosen data permission and auditing solutions from Varonis to protect its clients.
Options has over 130 financial services clients around the world and needed to reassure them that, as an outsourced IT provider, it had the right technology in place.
Each of Options’ clients has its own dedicated virtual NAS servers and its own file permissions. These number hundreds of servers globally, with hundreds of terabytes of data. Options has deployed Varonis DatAdvantage to monitor and report on them.
“Our customers needed to know that no-one was changing their file permissions or accessing files behind the scenes,” commented John Bryant, CTO of Options. “Clients needed to be confident that when they requested a change it was being done appropriately, that only changes the clients were sanctioning were going through on the platform and only authorised changes were being applied to the system.”
David Gibson, VP at Varonis, said data protection is necessary to safeguard any businesses’ customers, employees, business partners and investors, and particularly within the business environment Options operates in, the financial services industry. “It is vital for maintaining the organisational trust.”
This is what the Varonis DatAdvantage solution offered, with a metadata framework that able to handle a fast growing volume of users. “Most of our customers operate within a highly-regulated environment, and needed to show their investors they have partnered with the right IT firm,” added Bryant.
Gibson said DatAdvantage not only provides a complete, bi-directional view into the permissions structure of unstructured and semi-structured file systems, but a complete audit trail of who is accessing data and changing permissions. It also features recommendations and modelling, and data ownership identification in its extensible framework.
Options is using DatAdvantage to replace previously scripted reports and will allow for the generation of additional automated reports in the future. “DatAdvantage also lets us perform ‘what if’ scenarios which we could not do before. Now, our support desk can assess the impact of a change before it happens, and ensure changes are correctly applied,” explained Bryant.
“Before Varonis came on board, reporting was a time consuming and onerous process,” said Bryant. “It was a manual effort that required engineers with scripting knowledge.”
Varonis allows Options to avoid degrading performance while still offering the same visibility of access activity and change. DatAdvantage aggregates Active Directory user and group details, ACL information and all data access events, without the need for native OS auditing. This allows clients to build a complete picture of who can and who is accessing data, and who should have their access revoked, ensuring that only the right people have access to the right data at all times, all use is monitored, and abuse is flagged.
“Everyone talks about intrusion prevention, but actually, the vast majority of attacks happen from within your own four walls, by one of your own employees,” said Bryant.
DatAdvantage has allowed Options to add to its portfolio of services, to give clients true transparency. Clients can now see permissions and activity on their own file shares, and see that nothing untoward is happening, he concluded.