Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
January 27, 2023
By now you may have heard of Varonis SaaS, and if you haven’t, prepare to learn more. In this blog I will expound on this latest and welcome offering from Varonis. Essentially, Varonis has re-packaged its enterprise flagship Data Security Platform (DSP) as a SOC 2-compliant SaaS offering. Hosted in the cloud, Varonis delivers the same experience — but now in a more streamlined and scalable way—and brings all the benefits that come with SaaS. Users can take advantage of accelerated time to benefit, lowered TCO with reduced hardware and software requirements, and automated release updates.
This represents an expansion of Varonis’ SaaS offerings, which includes their DSPM product (called Varonis DatAdvantage Cloud). If you aren’t familiar with this product, I encourage you to take a few minutes and read my previous blog post that covers this in detail.
Varonis’ SaaS simplifies deployment and implementations while delivering the same data security achievements that Varonis is widely and well known for. This new SaaS platform brings a lot to the table. Deployments are now yielding dynamic updating of threat models and policy updates, as well as an even more proactive threat detection and response capability. Throughout this blog post I will cover some of these items. Varonis SaaS increases efficiency and enhances the effectiveness Varonis has long been providing.
In the sections ahead I’ll discuss what is available today in Varonis SaaS, and in a future post I’ll discuss what can be expected in 2023 and beyond.
As with any new platform, questions arise about key changes and differences from previous product iterations. In this section I’d like to discuss those as they stand today. Please realize that Varonis SaaS, due to its very nature, is constantly evolving as feature parity from Varonis’ traditional self-hosted platform improves, and as entirely new features are added.
Let’s first look at the architecture. Picture 1 below shows the high-level architecture for Varonis SaaS.
Picture 1 – Architectural overview of Varonis SaaS
As shown above, the “Varonis SaaS” cloud represents nearly the entirety of what a traditional Varonis (self-hosted) environment would include. An organization will no longer need to host the core Varonis infrastructure or spin up numerous VMs. Gone are SQL license costs and the need to host the Varonis database.
With Varonis SaaS there are noticeable differences from the on-premises solution. For example, Varonis is simplifying à la carte products into one SaaS platform. Picture 2 below illustrates how the product modules available in the traditional Varonis (self-hosted) world will simply be a part of the new Varonis SaaS platform as features. There will now be Protection Packages that cover the scope of the previously à la carte products.
Picture 2 – Self-hosted modules transitioned to Varonis SaaS features
Those Protection Packages are Windows/NAS, Microsoft 365, and Hybrid as shown in Picture 3 below.
Picture 3 – Protection Packages available in Varonis SaaS
Below, Picture 4 is a breakdown of the protection packs. An organization would just need to decide which environment(s) they would like Varonis to protect.
Picture 4 – Protection packs based on environment types
Additionally, Varonis is employing “Policies,” which are becoming major value points for Varonis SaaS — specifically for Microsoft 365. Policies are the Varonis SaaS version of their Automation Engine. If you’re not familiar, the traditional Automation Engine allows for streamlining the process of removing undesired global access groups from permission sets, as well as fixing certain permission issues such as permissions with broken inheritance. If you’d like to explore the topic further, you might review my blog post on the Automation Engine.
In similar fashion, what Varonis SaaS policies achieve is a method of automated remediation for over-exposed links throughout your organization’s Microsoft 365 environment. In addition to a library of out-of-the-box policies, here are some of the creative ways Varonis SaaS customers are leveraging the policy framework.
In contrast to the traditional Varonis (self-hosted) offering, nearly all the resource requirements are moved into the cloud. Only a Deployment Hub and a Collector must remain within the confines of an organization’s environment. If you are unfamiliar with the self-hosted offering, an organization typically hosts and manages the entirety of the Varonis infrastructure.
Essentially, Varonis SaaS would be a great fit if the below items match your organization’s criteria:
If the above doesn’t match your situation, Varonis’ self-hosted platform might be a better match for your data security needs. Key markers that might indicate this being a better fit for you organization would be:
Wondering if the latest Varonis SaaS offering is right for you? If your organization meets the following baseline criteria, then Varonis SaaS could be a potentially great fit to ensure your organization has a top-notch data security posture:
These criteria will be expanding as Varonis continues to roll out Varonis SaaS across the globe and expands its capabilities and features. So, hang on to your hat, Varonis is rapidly expanding their ability to host in other regions of the globe.
As you can imagine, assessments are a little different in the SaaS world. Assessment times are drastically improved. An organization can get an assessment off the ground more quickly due to there being limited resource requirements.
Varonis SaaS assessments yield meaningful results and can provide a snapshot of the health and protection of an environment — whether this be in Microsoft 365 or in an organization's on-premises data stores.
Let Optiv help. We can connect to and assess your data in minutes. The output of these assessments is eye-opening and leads to larger conversations around data, data security and compliance. Contact your Optiv client manager to inquire about an assessment for your organization.
Optiv Security: Secure greatness.®
Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
July 28, 2022
Varonis DatAdvantage Cloud (DAC) ensures proper visibility into your cloud SaaS footprint. Optiv's assessments take DAC to the next level. Schedule....
August 26, 2021
This post overviews the Varonis DatAlert Suite, its capabilities and how it stacks on top of the core Varonis Data Security Platform.
November 02, 2021
Learn how the Varonis Automation Engine allows you take control of your file permissions in an efficient and automated way.
Let us know what you need, and we will have an Optiv professional contact you shortly.