IDC Report: Importance Of Metadata Technology In Preventing Future Data Leaks

Report highlights how the widespread use of collaborative content technologies is fueling aggressive growth of unstructured and semistructured data

March 5, 2011

6 Min Read

PRESS RELEASE

NEW YORK – March 7, 2011 - Varonis Systems Inc, the foremost provider of comprehensive data governance software, today announced the findings of a Technology Spotlight issued by analyst firm IDC, which outlines the emergence of metadata framework technology as a now critical component for managing and securing unstructured and semi-structured data within an organization.

The report, titled “Leveraging Metadata Framework Technology to Take Control of the Information Explosion,” highlights how the widespread use of collaborative content technologies is fueling the aggressive growth of this unstructured and semi-structured data. While collaboration produces highly valuable information it also introduces significant risk due to increasingly complex and dynamic access control requirements.

“Digital integrity is a critical business differentiator for any organization. The high-profile data breaches in the last three years demonstrate that organizations who fail to protect sensitive data will incur serious regulatory and legal liabilities, along with revenue and market share declines,” said analyst Vivian Tero, IDC. “A metadata framework provides visibility, auditing, and actionable intelligence to better manage and

protect data. Organizations can employ this metadata information to support critical IT initiatives such as entitlement reviews, compliance audits, data ownership identification, records management, domain and data migrations, consolidations, archiving, and retention projects. Visibility, actionable intelligence and automation are critical to managing the explosion of unstructured and semi-structured content in distributed systems.”

Varonis Metadata Framework™ technology is designed to nonintrusively collect critical metadata about unstructured and semi-structured data. Varonis customers have the ability to completely standardize unstructured and semi-structured data protection and management for their File Systems, NAS, SharePoint Sites and Exchange Mailboxes and Public Folders with the Varonis' Metadata Framework™ technology that forms the foundation of Varonis software. Organizations can effectively and automatically manage data access control, ownership, classification, entitlements and authorization processes on the platforms that host unstructured and semi-structured data. The Varonis' Metadata Framework™ enables organizations to expand digital collaboration boundaries safely while at the same time significantly increasing IT workforce productivity for daily data protection and management tasks.

“The findings of this technology spotlight underscore the need for organizations to have metadata framework technology in place that automates the process of answering the following questions: Who has access to data, who is using their access, who shouldn't have access, who owns the data, and what data is sensitive?’” said, Yaki Faitelson, Chief Executive Officer, President and Co-founder of Varonis Systems. “With IT departments already stretched thin, the days of manually verifying data entitlements and remediating compliance violations are not only impractical and time consuming, but also detrimental to a company’s bottom line.”

IDC forecasts that the total digital universe volume will increase by a factor of 44 in 2020. According to the report, unstructured data and metadata have an average annual growth rate of 62 percent. More importantly, high-value information is also skyrocketing. In 2008, IDC found that 22 to 33 percent of the digital universe was high-value information (data and content that are governed by security, compliance and preservation obligations). Today IDC forecasts that high-value information will comprise close to 50 percent of the digital universe by the end of 2020.

Drivers for a metadata framework include:

Data loss is rising: IDC research notes that organizations average 14.4 unintentional data losses a year, mostly through employee negligence. Organizations need to ensure that controls are in place to mitigate the risks of data leakage, theft, loss and integrity arising from excessive access rights and permissions and non-existent audit trails. Excessive and/or out of date privilege and access rights were considered as having the most financial impact on the organization. IT is drowning in the data deluge: IT budgets are, on average, growing at less than one-fifth the forecasted annual growth rates of digital information, according to IDC. At the same time, manual approaches to managing and protecting information have become unwieldy, error-prone and ineffective. IT needs automated analysis of the permissions structure to determine which containers require ownership, and analysis of actual access activity to identify likely data owners.

Stale data impacts the bottom line: Inactive and orphaned folders can be as high as 70 to 85 percent of the data in distributed systems. The majority of organizations have no process to identify the owner of files, and many are unable to determine which individuals and roles are authorized to access the data.

Impact on the cloud: Without adequate information on the security and compliance profile of the data - including data ownership, access controls, audits and classification – cloud computing initiatives are amorphous and imprecise. CFOs and CIOs will be hesitant to move critical data and processes into the cloud without visibility on access and ownership, traceability and data segregation. Automation is key to success: Too often, users have access to significant amounts of data that isn’t relevant to them. Organizations therefore need to ensure that users and roles are aligned to correct groups, and that these groups enable access to the appropriate data containers.

About the Varonis' Metadata Framework™ Four types of metadata are critical for data governance:

User and Group Information – from Active Directory, LDAP, NIS, SharePoint, etc.

Permissions Information – knowing who can access what data in which containers

Access Activity – knowing which users do access what data, when, and how

Sensitive Content Indicators – knowing which files contain items of sensitivity and importance, and where they reside

The Varonis Metadata Framework non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), preprocesses it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface.

The Technology Spotlight paper is adapted from "IDC Worldwide Governance, Risk, & Compliance Infrastructure 2010-2014 Forecast: Increased Regulatory Oversight, Privacy, Cloud Computing and Smart Cities Drive Emerging GRC Obligations 2010" by Vivian Tero; IDC doc #222214. The paper is available online at LINK HERE. Free 30-day Trial Aids with Data Leak Prevention Enterprises can receive a free, 30-day trial of Varonis DatAdvantage to help them with their data governance assessments, by visiting http://www.varonis.com/go/17582. Within hours of installation, customers can conduct an automated permissions audit, generate reports, and see which users are accessing the data and how.

About Varonis Systems Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. The company was named "Cool Vendor" in Risk Management and Compliance by Gartner, and voted one of the "Fast 50 Reader Favorites" on FastCompany.com. Varonis has over 3,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights