Next Generation Exchange Management. How To Reduce Your Workload & Improve Protection. White Paper: Next Generation Exchange Management

Similar documents
Five Steps to Faster Data Classification

Stale Data and Groups

Varonis and FISMA Compliance

Entitlement Reviews: A Practitioner s Guide

VARONIS PARTNER PROGRAM

COMPLIANCE BRIEF: VARONIS AND THE US SECURITY AND EXCHANGE COMMISSION S OFFICE OF COMPLIANCE INSPECTIONS AND EXAMINATIONS (SEC OCIE)

Compliance Brief: The National Institute of Standards and Technology (NIST) , for Federal Organizations

VARONIS WHITEPAPER Accelerating Audits with Automation

COMPLIANCE BRIEF: HOW VARONIS HELPS WITH PCI DSS 3.1

VARONIS CASE STUDY. ATMI an Entegris Company

COMPLIANCE BRIEF: NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY S FRAMEWORK FOR IMPROVING CRITICAL INFRASTRUCTURE CYBERSECURITY

EXPRESS UNSTRUCTURED DATA RISK ASSESSMENT REPORT

VARONIS CASE STUDY. West and South Yorkshire and Bassetlaw Commissioning Support Unit

Netwrix Auditor Competitive Checklist

ATA DRIVEN GLOBAL VISION CLOUD PLATFORM STRATEG N POWERFUL RELEVANT PERFORMANCE SOLUTION CLO IRTUAL BIG DATA SOLUTION ROI FLEXIBLE DATA DRIVEN V

OpenText Fax Servers and Microsoft Office 365

SharePoint Migration Cleanup and Pre-Migration Checklist for Success

GSX 365 Usage Reports & Security Audit

VARONIS WHITEPAPER The Business Case for Data Governance

Evaluator Group Inc. Executive Editor: Randy Kerns

3 Tips for Your Woes: Streamline. Simplify. Cloud.

Mitigate Risk Around Unstructured Data Assess and remediate access to your company's sensitive data

VARONIS WHITEPAPER. Top 4 Tips to Secure Active Directory

7 Best Practices for Data Security in Office 365 and Beyond

Archiving, Backup, and Recovery for Complete the Promise of Virtualisation Unified information management for enterprise Windows environments

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

CipherCloud CASB+ Connector for ServiceNow

HIPAA Controls. Powered by Auditor Mapping.

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

IBM Proventia Management SiteProtector Sample Reports

How to Survive an IT Audit and Thrive Off It!

Insiders are the New Malware

PRODUCT BROCHURE Mailbox Shuttle and Archive Shuttle:

VARONIS CASE STUDY. Kirton McConkie. A Financial Services Design And Distribution Firm

Losing Control: Controls, Risks, Governance, and Stewardship of Enterprise Data

DATADVANTAGE 6.3. User Guide

GDPR Controls and Netwrix Auditor Mapping

How Security Policy Orchestration Extends to Hybrid Cloud Platforms

Data Virtualization and the API Ecosystem

SOX/COBIT Framework. and Netwrix Auditor Mapping. Toll-free:

ISO27001 Preparing your business with Snare

2 The IBM Data Governance Unified Process

Product Overview Archive2Azure TM. Compliance Storage Solution Based on Microsoft Azure. From Archive360

DOCAVE ONLINE. Your Cloud. Our SaaS. A Powerful Combination. Online Services. Technical Overview ADMINISTRATION BACKUP & RESTORE

FairWarning Mapping to PCI DSS 3.0, Requirement 10

ACHIEVING FIFTH GENERATION CYBER SECURITY

ITSM SERVICES. Delivering Technology Solutions With Passion

Five Essential Capabilities for Airtight Cloud Security

ISO/IEC Controls

Symantec Enterprise Vault

Top. Reasons Legal Teams Select kiteworks by Accellion

Managing Exchange Migration with Enterprise Vault

Mimecast Datasheet. Mimecast. Achieving best practice enterprise management with next generation Mimecast technology

Storage as a Service From Hitachi Vantara

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

Sharing your calendar and setting permissions

Best Practices in Securing a Multicloud World

GUIDE TO STORAGE CHARGEBACKS WITH DATADVANTAGE

Archiving Success: Message Warehousing on the Mimecast Storage Grid

O N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y

Directory and Resource Administrator and Exchange Administrator Administrator Guide. July 2016

Jane s Military & Security Assessments Intelligence Centre. Understand Threats. Assess Capabilities. Challenge Assumptions.

Aged Care Security Solutions. security.gallagher.com

Securing Office 365 with SecureCloud

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

Executing Large-Scale Data Center Transformation Projects with PlateSpin Migrate 12

Installation Guide Advanced Authentication - Logon Filter. Version 6.1

Secure SSH: Risk Management Solutions. Greg Kent Vice President, SecureIT

Outlook Desktop Application for Windows

The Hidden Costs of Free Database Auditing Comparing the total cost of ownership of native database auditing vs. Imperva SecureSphere

Securing Today s Mobile Workforce

SailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities

Workflow Templates in Compliance 360 Version 2018

Symantec Client Security. Integrated protection for network and remote clients.

Improving Data Governance in Your Organization. Faire Co Regional Manger, Information Management Software, ASEAN

Migrating a Business-Critical Application to Windows Azure

NetWrix SharePoint Change Reporter

Control-M and Payment Card Industry Data Security Standard (PCI DSS)

Nebraska CERT Conference

How WhereScape Data Automation Ensures You Are GDPR Compliant

How can we gain the insights and control we need to optimize the performance of applications running on our network?

Server Virtualisation Assessment. Service Overview

The threat landscape is constantly

Controlling Costs and Driving Agility in the Datacenter

PCI DSS Requirements. and Netwrix Auditor Mapping. Toll-free:

Best practices for OO 10 content structuring

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

Six Sigma in the datacenter drives a zero-defects culture

The Convergence of Security and Compliance

Snort: The World s Most Widely Deployed IPS Technology

12 Minute Guide to Archival Search

AND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

IBM services and technology solutions for supporting GDPR program

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

Top 5 NetApp Filer Incidents You Need Visibility Into

Help Your Security Team Sleep at Night

Symantec Data Center Transformation

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Microsoft SharePoint Server 2013 Plan, Configure & Manage

Transcription:

CONTENTS OF THIS WHITE PAPER Introduction...1 Today s Exchange Management Challenges...1 Shared Mailbox & Delegation Rights Identification & Cleanup... 2 Public Folder Cleanup and Ownership Assignment... 2 Message Activity Auditing/Tracking... 2 Identify Spikes in Email Activity... 2 Stale Public Folders & Mailbox Identification... 2 The Next Generation of Exchange Data Governance...3 Shared Mailbox & Delegation Rights Identification & Cleanup... 3 Public Folder Cleanup and Ownership Assignment... 3 Message Activity Auditing/Tracking... 3 Identify Spikes in Email Activity... 3 Return on Investment...4 Summary...5 Contact Us...5 : How To Reduce Your Workload & Improve Protection INTRODUCTION Email suffers from the same management and protection challenges as every other unstructured and semi-structured data repository. The containers that house this critical data the mailboxes and public folders are often not adequately restricted, many of them have no known owner or steward, many are stale, and audit information is difficult to parse through or unavailable. Many of the same questions that arise about data containers on file servers and SharePoint sites can be difficult to answer for Exchange data containers: Who has access to a mailbox or public folder? Who should and should not have access to them? Who has been accessing mailboxes or public folders? Who do they belong to? Which containers are stale? How do we remediate excessive access without disrupting workflows? The answers to these questions are critical for several Exchange management tasks. This document will describe how an automated data governance solution can provide the answers to these questions, expediting Exchange-related management tasks and improving the controls that protect the critical data contained in mailboxes and public folders. TODAY S EXCHANGE MANAGEMENT CHALLENGES Exchange administrators face daily management and protection challenges with Exchange, beyond making sure email is flowing, available and responsive. Some of these challenges include: Shared Mailbox & Delegation Rights Identification & Cleanup Public Folder Cleanup and Ownership Assignment Message Activity Auditing/Tracking Identify Spikes in Email Activity, Stale Public Folders & Mailbox Identification Varonis Systems, Inc. 1

Shared Mailbox & Delegation Rights Identification & Cleanup It is cumbersome for organizations to identify shared mailboxes and delegated access, and who is making use of that access. Users can make changes to their own mailbox permissions, inadvertently exposing their own data. Cleanup is challenging because it is difficult to determine which users or processes are making legitimate use of this access. Public Folder Cleanup and Ownership Assignment Even in the most rigorous IT departments, Exchange Public folders suffer from the same challenges common to file shares: permissions are often not well maintained, activity is not easily tracked or analyzed, and ownership is often unknown. Public folder permissions contain mail enabled users and distribution groups it is difficult to assess who has access to which public folders and which public folders a user or group has access to. Over time, those permissions and group memberships often grow stale and require review. Creating a permissions report for an Exchange public folder can take quite a bit of time using manual methods. Message Activity Auditing/Tracking Organizations face challenges collecting and analyzing Exchange activity; an enormous amount of messages are sent and received every day throughout a distributed infrastructure. Even if an organization enables journaling on its Exchange servers, those separate journals need to be consolidated and aggregated. In order to keep the data for any period of time and make use of it, it needs to be normalized, processed, and analyzed so that it can be searched and sorted quickly, and actionable information can be distilled. Without technology built for this purpose, Exchange administrators are forced to cull through voluminous, disparate journals when searching for who sent which email to whom, etc. Identify Spikes in Email Activity It is difficult for Exchange administrators to identify changes in user access and transmission activity, whether due to workflow changes, configuration error, malicious activity, or malware. Spikes in activity can degrade system performance as well as signal possible security issues. Email worm and virus outbreaks are often difficult to spot, track, and eradicate. Exchange administrators often have to lean on the security team to analyze IDS/IPS and firewall logs to identify infected targets. Stale Public Folders & Mailbox Identification Many public folders and mailboxes have a shelf life; after a certain period of time they stop being used. Without analysis of actual access activity, it is difficult to identify which folders and mailboxes are not being contributed to or accessed. While not being used, these folders and mailboxes provide little operational value to the organization, are at risk if not properly locked down, and often reside on expense storage. Identifying stale data provides opportunities for cost savings and risk reduction. Varonis Systems, Inc. 2

THE NEXT GENERATION OF EXCHANGE DATA GOVERNANCE Organizations have already discovered that to effectively manage and protect folders and SharePoint sites they require metadata and automation to collect, normalize, and analyze that metadata. Organizations will now realize that they need Exchange metadata collection and automation to manage and protect Exchange mailboxes and public folders. Varonis offers this through DatAdvantage for Exchange. With Varonis DatAdvantage for Exchange, three types of Exchange metadata can be automatically collected and presented: Exchange permissions information User and Group information from Active Directory A record of each message sent and received With these metadata streams automatically collected, normalized, and analyzed, organizations will be able to determine who has access to any mailboxes or public folders and which mailboxes and public folders any user or group has access to, who should and should not have access, who has been accessing these containers, and how to remediate excessive access without disrupting end-user activity. Shared Mailbox & Delegation Rights Identification & Cleanup Varonis analyzes all mailbox and sharing permissions, captures all permissions changes and actual access activity, spotting shared and delegated access, and identifying excessive permissions. Administrators may simulate changes prior to committing them; this simulation automatically calculates the probable disruptive impact of the change using the actual activity records. Public Folder Cleanup and Ownership Assignment Varonis brings its proven technology and operational methodology for cleanup, ownership identification and assignment, and ongoing management of public folders. Owners are identified through actual activity and other metadata, assigned through the DatAdvantage interface, and can be provided scheduled reports about their data automatically, such as who has access, who should no longer have access, and who is accessing their data. Message Activity Auditing/Tracking The Varonis Metadata Framework non-intrusively collects audit activity, pre-processes it, normalizes it, analyzes it, stores it, and presents it through interactive, dynamic interfaces. Identify Spikes in Email Activity By analyzing the access activity for statistical deviations in normal access patterns, Varonis will spot likely worm and virus activity, and other abnormally high message activity. Stale Public Folders & Mailbox Identification Varonis uses its record of actual access to determine which mailboxes and public folders are not being accessed, and/or have not been accessed by a non-automated process. These stale mailboxes and public folders may then be archived and locked down to reduce tier 1 storage costs and risk. Varonis Systems, Inc. 3

RETURN ON INVESTMENT Manual management and protection tasks that Exchange administrators perform on a daily basis are cumbersome, prone to errors, take a considerable amount of time, and Exchange administrators don t often get to all the tasks they d like to do. When you take into account all the time spent adding people to distribution groups, figuring out what happened to someone s missing email or calendar invite, tracking down who a public folder (or mailbox) belongs to and who has access to it there is a sizable opportunity for operational savings and reducing risk through automation. Exchange Activities: Manual vs. Automated Activity Manual Automated Creating a permissions report 30 min 2 min Troubleshooting permissions problems 30 min 5 min Fixing Permissions 20 min 5 min Email investigations 6 hours 20 min Identifying the owner of a folder or mailbox 4 hours 15 min Managing distribution groups 20 min 2 min Varonis Systems, Inc. 4

SUMMARY Varonis has extended its underlying Metadata Framework Technology to help organizations manage and protect their Exchange data just as they have protected their file systems and SharePoint severs. By adding Exchange metadata to the permissions information, directory services information, and access activity that has helped answer data governance questions about file systems and SharePoint sites, Varonis will now provide the answers to data governance questions for all prominent unstructured and semi-structured platforms through a single interface: Windows and UNIX File Servers, NAS Devices, SharePoint, and Exchange. The same operational workflows that organizations have been using for several years to automate management and protection of folders and SharePoint sites will now be applied to the data containers in Exchange: mailboxes and public folders. Organizations will be able to analyze permissions, identify excessive access, identify owners for public folders, identify stale containers, and have a complete audit trail of every email sent and received in the same sortable, searchable interface that they have been using to find lost files, perform forensics, and spot anomalous activity. Mailbox and public folder owners will be identified and assigned in DatAdvantage, and then automatically receive reports about their containers: who has access to them, who should not have access to them, who is accessing them, and which containers are growing stale. Additionally, with Varonis DataPrivilege, organizations will be able to automate distribution list management, just as they have automated folder and active directory group management. Distribution list owners may be identified and assigned within Varonis DatAdvantage, and then access list entitlement review and authorization processes will be automated. CONTACT US Worldwide Headquarters New York, NY Phone: 877-292-8767 sales@varonis.com WORLDWIDE HEADQUARTERS EUROPE, MIDDLE EAST AND AFRICA 499 7th Ave., 23rd Floor, South Tower 1 Northumberland Ave., Trafalgar Square New York, NY 10018 London, United Kingdom WC2N 5BW Phone: 877-292-8767 Phone: +44-0-800-756-9784 sales@varonis.com sales-europe@varonis.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback