During the week of LinuxWorld, Johnnie Konstantas, a marketing VP at Varonis Systems, a data governance software provider, talks about the company’s release of DatAdvantage and approaches to data governance within a company.
What does DatAdvantage do?
Johnnie Konstantas: The focus … was to automate user-to-data mapping such that only the right users have access to only the data they need at all times. A sophisticated mathematical engine computes permissions revocations so that user access to data is always warranted by business need. DatAdvantage also ensures that data use is business warranted by providing the means to continuously monitor what users are doing with the permissions they have. DatAdvantage logs every user’s every “file touch” (i.e., open, delete, create, rename) and provides this information as part of a consolidated and searchable record.
Why is data governance so important, even more so than it was five years ago?
Konstantas: IT managers are currently responsible for controlling access to business-critical and sensitive data — 80% of which takes an unstructured form (i.e., documents, spreadsheets, presentations, image and multimedia files, source code). A system of data governance that includes people, processes and technology for ensuring that access is warranted is the only way to implement access controls that are consistently applied and enforced through data growth and change. The rate at which unstructured data is created outpaces that of five years ago. Digital images from scanners and cameras, portable audio files, podcasting and Web content are being added to the scores of documents and spreadsheets that are produced for business communication. All of this now “business relevant” data must be protected, and access to it controlled as it is for documents and software code. In the next three years, the rate of data creation will increase still.
What trends has Varonis seen in data access rights within a company?
Konstantas: As a general trend, companies are seeing the need for unstructured data management become more acute as data growth explodes. IT operations are turning to Varonis to automate a process which is largely manual and quite costly. The steps taken for data management auditing and control for unstructured data are being rolled into the thinking, models and projects for overall data governance.
How should a company think about data governance to make the most of DatAdvantage?
Konstantas: Since most enterprises have not reviewed their data entitlement settings in some time (the process is almost impossible without Varonis which automates it), step one is to have IT review and clean up unwanted access controls. Then the data management shift from IT staff to data stewards can take place. A good governance environment has a specialized team in charge of entitlement management, but also involves IT in auditing the process.
How does data governance overlap with data security? How does DatAdvantage differ from data center security software?
Konstantas: Data governance as a model and framework includes the safeguarding of data that is business-sensitive. IT greatly reduces the risk of data loss and misuse by revoking unwarranted permissions and limiting control according to a business’s need-to-know. Data governance comprises much more than security, however; it ensures that data stewards rather than IT staff manage entitlements to data and determine which data is worthy of archiving, deleting, preserving and protecting. The two products in Varonis’ data governance suite provide the means to both manage entitlement to and determine treatment of data. DatAdvantage helps IT remove excess permissions and identify data business owners. Varonis DataPrivilege puts data stewards in charge of their data by giving them the means to manage all entitlement requests and to audit data use.