Executive View

Varonis DatAdvantage

Getting a grip on your data is a bigger challenge than ever before. While solutions for central IT environments such as SAP are quite established, a significant portion of critical data resides in unstructured data stores such as file servers or collaboration services. This includes PII (think “GDPR”), but also blueprints, financial data, and more. It is essential having tools in place that help in both identifying and securing this data. Varonis DatAdvantage is a leading-edge offering in this area of what commonly is called Data Governance.

Martin Kuppinger

mk@kuppingercole.com

1 Introduction

A very significant portion of critical corporate data resides in what commonly is named “unstructured data stores”. These stand in contrast to structured data held in systems such as SAP, in the CRM, in databases, and others. Unstructured data stands for data held in document formats such as text documents, slide decks, spreadsheets, or PDF files, and stored on file servers, collaboration platforms, or even worse on file storage in the Internet. Factually, a significant portion of data held in central IT systems such as the ERP or CRM transforms, sometimes even automated and on schedule, into such unstructured data. Having 100’s of regular exports from the various SAP systems in place is the norm, not the exception.

That data always has been critical:

  • Information from the R&D department can contain valuable intellectual properties of the organization, being obviously interesting to external parties, but being relevant also in the context of product liability.
  • Financial data, e.g. when preparing annual statements, is sensitive and must not leak before a certain date when a company is listed.
  • PII (Personally Identifiable Information) always has been sensitive. Nowadays, in the age of GDPR, this risk has grown massively. Not only must such data not leak, but organizations also need to well understand where it resides, to comply with the GDPR data subject rights.

Unfortunately, the vast majority of organizations still are not in control of unstructured data. IAG (Identity and Access Governance) as the core discipline of IAM (Identity & Access Management) comes to its limits when it is about identifying, managing, and protecting unstructured data. It neither supports the identification nor the fine-grain management of entitlements e.g. on Windows file servers or Microsoft SharePoint environments. The focus is on cross-system management of identities and access, not on the level of granularity required for environments such as the ones named above.

Solutions supporting administrators of such environments, e.g. Windows administrators or SharePoint administrators, commonly are too technical and specialized on a single environment, while unstructured data sprawls across a variety of different systems.

The in-depth management of target systems is well-established in the SAP environment, with tools for access control being the established norm in a large share of organizations. However, these tools are again highly specialized and don’t support the specific requirements around unstructured data.

Over the years, a specific market segment of tools has evolved, which frequently is named Data Governance, but also titled Data Access Governance or Entitlement & Access Governance. The target of such solutions is implementing some form of governance and control for unstructured data, spanning various systems that hold such data. The focus is on identifying data, their owners, and managing access entitlements for unstructured data.

Given the fact that standard approaches such as IAG fail in delivering these capabilities, while there is an urgent need for having adequate tools in place, we consider Data Governance as a mandatory element in a comprehensive IAM and Data Protection strategy, complementing IGA and other core components of IAM.


Full article is available for registered users with free trial access or paid subscription.

Register and read on!

Sign up for the Professional or Specialist Subscription Packages to access the entire body of the KuppingerCole research library consisting of 700+ articles.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package