Using Varonis SaaS to Secure Microsoft 365

Somerford Blog

Microsoft 365 is an excellent platform for making collaboration within the workplace very easy and as the number of remote workers has increased over the past few years, many businesses have since chosen to integrate M365 into their workplace. Moving data to cloud repositories and services has helped many businesses to ensure productivity remains high and allow organisations to adopt these remote and hybrid models of working, but it is important to remember that data within these cloud repositories such as in M365 still need protecting and monitoring.

There are lots of tools available to help businesses monitor different parts of 365, but Varonis SaaS covers the full Microsoft 365 suite, including Azure AD, Exchange Online, Sharepoint Online, OneDrive and Teams and presents all of the information in one place, rather than having to hunt between monitoring systems to find the total situation.

One of the first things Varonis does is map and classify your data and is able to tell you whether it is sensitive or not. Patterns, string matches, regular expressions, proximity sensing and dictionaries are used to identify files that contain sensitive data, detecting files containing data such as GDPR, PCI or PII. It comes with many predefined rules, which can all be enabled or disabled and are customisable so businesses can pinpoint the information they need.

Automated Policies

Varonis SaaS can help organisations to enforce policies with the autonomous remediation features. Often collaboration links are used in 365 which allows users to be able to share files and folders with people in the organisation, and also with external people, such as contractors or customers as well. Employees being able to freely use collaboration tools improves communication but this does come with a lot of risk. It can often mean that sensitive information is exposed to those people who it shouldn’t be.

Varonis SaaS dashboard showing various configurations

Threat Detection

Varonis employs User Behaviour Analytics to build profiles on users to get to know what would be considered as normal behaviour for these accounts. This means, it’s then able to alert on any behaviour which is seen as abnormal for these accounts and/or users. Predefined and customisable alert rules are also provided to flag common suspicious activity in Azure AD, SharePoint Online and OneDrive to help detect threats from attackers and malware. As Varonis SaaS is connected to the Varonis Cloud, customers can feel reassured that any updates to threat models will be updated automatically.

In addition, this means that the Varonis Incidence Report team will have their eyes on alerts at all times, so if something rather alarming crops up, Varonis may even get in contact to make sure it’s brought to your attention before you realise what has happened.

Get started with Varonis SaaS with a free Data Risk Assessment

If you would like to see how Varonis SaaS can help your business, get started with a free Data Risk Assessment. A DRA is an assessment of an organisation’s data stores and provides a chance to see how Varonis can assist with your Data Protection, Compliance and Threat Detection needs. As part of the assessment, you’ll receive a report (sample here) which provides an insight into how much of your data is sensitive, where vulnerabilities lie, and whether any data is over-exposed. Data Risk Assessments are entirely free.

You can request a Data Risk Assessment from Somerford Associates here.

Cookie	Duration	Description
ADRUM_BT1	past	This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
ADRUM_BTa	past	This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_1170872_23	1 minute	Set by Google to distinguish users.
_gat_gtag_UA_99925054_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	16 years 2 months 24 days 11 hours 26 minutes	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
cookie-test	past	No description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
guest	1 month 1 hour	No description available.
jcm	past	No description
jcmc	past	No description
JOTFORM_SESSION	1 month	No description available.
SameSite	past	No description available.
theme	1 month 1 hour	No description available.
userReferer	1 month 1 hour	No description available.

Our Partners

/

Splunk

Okta

Varonis

Netskope

HashiCorp

Lacework

Confluent

Securiti

mnemonic

KnowBe4

OneSpan

Services

Need help?

Government

News

Case Study

Resources

What is Multi-Cloud Security?

Somerford Blog