Dedham Savings Bank was looking for a solution that could monitor insider activity to detect suspicious behaviour that typically is caused by ransomware, and insider threats like mass deletions and employees accessing data they shouldn’t. As a regulated financial institution, Dedham Savings also needed to follow policies and federal guidelines for data retention. Their search for solutions led them to Varonis DatAdvantage for Windows, DatAdvantage for Directory Services, DatAdvantage for SharePoint, DatAlert, Data Classification Framework, and Data Transport Engine. Varonis Professional Services helped enable the bank to implement these solutions smoothly. Securing data and meeting regulatory compliance
Jim Hanlon, Senior Vice President & CTO of Dedham Savings Bank, said, “One of the biggest regulatory requirements right now is to be totally confident about where customer information resides on your network. When you know where it is, then there are no surprises.”
Now Varonis DatAdvantage ensures that only the right people at Dedham Savings Bank have access to the right files, monitors all access, and flags any potential abuses. DatAdvantage also helps keep track of which files employees view, move, and copy.
Protecting against Ransomware threats like Cryptolocker
By analysing file activity, Varonis is able to alert on potential security breaches like Cryptolocker, a form of ransomware that encrypts files and demands a ransom. Alerting criteria and outputs are configured so that the right people and systems at Dedham Savings Bank can be notified of potential threats.
Hanlon continued, “Cryptolocker is a huge security threat, so having DatAlert in place to help prevent attacks is a no-brainer for us. When anyone from the outside tries to encrypt a file on the network or use a compression tool like WinZip, DatAlert will let us know in real time. Also, we can receive alerts about suspicious internal activity. It’s nice to know Varonis is looking out for us and will be able to catch things and help us proactively prevent internal and external data breaches.”