Let us Now Praise Varonis DatAnswers

save
Share and earn Cybytes
Facebook Twitter LinkedIn Email

It’s easy to forget a bygone era when digital knights ventured into the dark Internet forests to do battle with search engine dragons. They pulled answers out of the virtual claws and teeth of such search reptiles as Alta Vista, Ask Jeeves, Lycos, and Excite.

It was time of gallantry and  legendary bravery.  I myself remember suiting up in digital armor and wielding a corded mouse as I did battle with the last of the prehistoric search engines.

Remember Yahoo?  In 1998 they were the second most popular online site, right behind AOL. With Yahoo and others as well, it was like waging an epic battle to find accurate search answers while not being completely sure of the trustworthiness of the links.

When Google finally emerged, they were the first to introduce a reliable algorithm to rank search results. Google ate up the competition, and we are left with a very evolved and brilliant search engine that’s now more human than search reptile.

Who was not stunned speechless by Google’s ultra-minimal single-box homepage when it first came out?

It seems so obvious now, but at the time search engine homepages were a mess of news, ads, links, links, and more links. What were these sites trying to be: a source of entertainment but with a search capability? Ok, maybe Yahoo never quite figured out who they were.

How not to design a search engine home page

Why is Google #1?

What did Google offer that was so different that they overtook all of their competitors to become a verb for searching the Internet?

It was their PageRank algorithm, of course!

It introduced a method to ‘weight’ the importance of every webpage in deciding how to order the results. To accomplish this, PageRank early on looked at the number and quality of links to the webpage, along with other factors. The actual algorithm is now far more advanced than the original Page Rank, and performs natural language processing on the pages themselves to understand the content.

Enterprise Search as Productivity Booster

What does all this have to do with our enterprise search product, Varonis DatAnswers?

The importance and value of an organization’s digital assets is often underestimated. How many people in your company know where to find sensitive content—intellectual property, customer information,  emails—as well as other valuable information in your file system? Likely not many!

Perhaps just a few power users and data owners.

Think about just how often you as an ordinary user (with no special knowledge of the content) search in vain for some document in your  org’s shared folders or emails in your Exchange system

It shouldn’t be harder to search your corporate file shares and intranet as an employee than it is to search the Internet as an ordinary consumer, right?

Let’s do a simple experiment and try to guestimate how much time is wasted during the day by making a simple and I believe conservative assumption that we all spend about 30 minutes looking for stuff:

  • 100 employees x 30 minutes per employee = 50 hours of time saved
  • 1,000 employees x 30 minutes per employee = 500 hours of time saved
  • 10,000 employees x 30 minutes per employee = 5,000 hours of time saved
  • 100,000 employees x 30 minutes per employee = 50,000 hours of time saved

If we scale this up to a national level or even global, it starts reaching an astronomical number of hours per day that we’re collectively trying to find those darn sales presentation from earlier in the year or a legal document or spreadsheets with revenue predictions.

Enterprise Search the Varonis Way

Unlike the internet, all users have access and are welcome to read all search results. Those rules don’t and shouldn’t apply in the enterprise. And that’s what deters security pros from implementing search — it allows users to view anyone’s data, even if they don’t have access to it!

But that’s where Varonis DatAnswers differs from most enterprise, open-to-everyone search products.

DatAnswers is a contextually-based enterprise search engine. This means results are optimized based on the context of the user and their role is within the organization.

Not only does DatAnswers honor files access groups in deciding what to display to a user, but we leverage these groups and user activity to weight how important a piece of content might be in a search.

Typically, those users who belong in, say, the same Active Directory groups would likely look for content in the same folders. DatAnswers can go a step further by masking the permissions set to match the recommended permissions provided by DatAdvantage. This help us fine tune what folder and directories would be better candidates for having relevant content.

Protecting Sensitive Data When Users Are Searching

Beyond DatAnswers, our Data Classification Framework (DCF) provide an  additional layer of protection. It’s really a separate search engine in its own right. DCF crawls the file shares and SharePoint to identify sensitive files by metadata and/or content indicators, e.g., security certificates, files containing PII such as US social security or driver’s license numbers.

DCF cross references the sensitivity of a file with the access permissions information gathered by DatAdvantage to assess the risk: is the sensitive data  in a locked down folder to which only the right people have access or is it sitting in a location which everyone has access?

By providing the ability to filter out sensitive files from the search results, we can remove the risk of exposing this data.  For example, files containing financial information will only show up in the search results if the user works in the finance department or, say, is  a member of the board of directors.

If I had to put the entire DatAnswers’ ‘value prop’ into a short bulleted list, here’s what I would say:

  • Highly-relevant search results
    • Discover data based on content and context, with metadata and analytics
    • Get more relevant results for rapid ECA (early case assessment)
  • Secure
    • Hide sensitive data from those who should see it
    • Prune results based on DatAdvantage recommendations
    • Full audit trail: track file activity, capturing forensic information
    • Track searches to spot early indicators of a possible insider threat
  • Fast
    • Incremental indexing and granular scoping
  • Scaleable
    • An architecture which supports both vertical and horizontal scaling

Other Benefits

End-user training is not required because DatAnswers is extremely easy to use — if you can google, you can varonis!

You can quickly open the containing folder for a file, find similar documents, or display the document’s metadata, including an audit trail of changes.

Found the file? Now just click to open. Take that Google!

Use the sidebar you can filter your results by a specific language, author, date, file type, and more.

User search history is also recorded for analysis, so administrators  know who is searching for what, when, how often, and more.

Finally, an API is available for integrating search with other technologies, providing you with more flexibility.

 

The post Let us Now Praise Varonis DatAnswers appeared first on Varonis Blog.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
Follow
2693 Followers
About Varonis
Varonis is a pioneer in data security and analytics, fighting a different battle than conventional cybersecurity companies. Varonis focuses on protecting enterprise data on premises and in the cloud: sensitive files and emails; confidential customer, patient and employee data; financial records; strategic and product plans; and other intellectual property. The Varonis Data Security Platform detects insider threats and cyberattacks by analyzing data, account activity and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation. With a focus on data security, Varonis serves a variety of use cases including governance, compliance, classification, and threat analytics. Varonis started operations in 2005 and, as of December 31, 2017, had approximately 6,250 customers worldwide — comprised of industry leaders in many sectors including technology, consumer, retail, financial services, healthcare, manufacturing, energy, media, and education.
Promoted Content
Varonis Earn & Learn Email Series
Is your CISSP up to date? We’re here to help! Earn Continual Professional Education (CPE) credits with our free CPE track. We’ll send you CPE-credit worthy content each month: earn 2 CPE credits per month, learn from top industry experts, and get real world security content to take your skills to the next level. Enrollment is free – and so is all our great CPE content! This program includes: - On demand webinars that fit your busy schedule - Podcasts from top influencers in security and privacy - Video tutorials with relevant, real world security content to take your skills next level and more!

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel