This is arguably the most automated of the tools we saw. Once the rule set is established, DatAdvantage takes over and performs a variety of services. It has a sophisticated user, group and data management console, addressing all from a single pane of glass. Should the system recommend a change in access or policy based on administrator adjustments, it can simulate the impact of the change on users.
Policy setup is the core of this, as with most data classification tools. The policy engine in DatAdvantage is straightforward, granular and easy to use. There are predefined policies that can be used as-is or modified to become custom rules. And, of course, custom rules can be created from scratch. Once rules are created and data, users and groups identified, the administrator is ready to assign rules to data and the tool goes into its functions.
Data collection is the key to the process. That means it must discover files and classify content based on rules. It also must discover users and groups and assign file permissions accordingly. When all is ready, the tool processes what it has found, including aggregation and normalization. It then can simulate the results of its efforts and, if all goes well, classifications and access permissions are embedded in persistent metadata.
DatAdvantage is compatible with most Windows and Unix file servers, Linux, Exchange and SharePoint, as well as some types of network-attached storage devices. The price may seem a bit high, but when used with data leakage prevention (DLP), this becomes the first line of defense against loss of control of sensitive data. Even without DLP, DatAdvantage provides a strong source of classification and concurrent control of documents from most of the sources one is likely to need.
At a glance
Product Varonis DatAdvantage
Company Varonis Systems
Price $17,000 for 100 users.
What it does Provides data classification for human-generated files, such as documents and SharePoint files or any human-generated files that reside on file servers.
What we liked Smart functionality that can do things - such as find data that needs users - and then finds the users whose activity indicates they should have rights to the data.