Netwrix
Netwrix
1
PLATFORM INFORMATION & QUICK TIPS
• Use the HELP icon at the bottom for FAQ’s and system requirements.
2
CPE CREDIT PROCESS
LIVE EVENT & ON DEMAND RECORDING
• You must view the live or recorded webinar for the required amount of time
(50-minutes). Check the CPE Credit window to view the timer.
• Your CPE Certificate will automatically appear in the ISACA CPE RECORDS
tab on the MyISACA page after completing the required viewing time.
• Please be patient. This process could take up to 48 hours for your CPE Certificate
and the CPE credit to be applied to your account.
• As a reminder, ALL ISACA webinars, the CPE credits and CPE certificates expire
365 DAYS POST LIVE EVENT. Please make sure you save the appropriate
documents to your personal records.
3
TODAY’S SPEAKER
Adam Rosen
VP of Product Strategy
Netwrix
SENSITIVE DATA IS EVERYWHERE
Windows file
NAS SQL Oracle
servers
Azure
Microsoft 365 AWS S3 AWS databases
databases
Box Dropbox
Directory services
5
THINK LIKE AN ATTACKER
CLO U D O N -P REM EN DP O IN T
Da ta
V V V V
Da t a Ce n t e r Co -Lo ca t io n Wo r k s t a t io n La p t o p
VDI
V V V V
6 Br a n ch Office
THINK LIKE AN ATTACKER
7
THINK LIKE AN ATTACKER
8
PATH TO LEAST PRIVILEGE
01 02 03 04 05
DISCOVER COLLECT & ANALYZE MONITOR RESTRUCTURE GOVERN
9
POLLING QUESTION
10
DATA PRIVACY ESSENTIALS
11
DATA PRIVACY WORKFLOW
IDENTITY SUBJECT IDENTITY
CONNECTORS UNSTRUCTURED
PROFILES SCANNER
DATA
AnyID
CONNECTOR AnyDATA
CONNECTOR
PRIVACY SERVICES
12
SUBJECT PROFILES
13
¹ www.ciodive.com/news/58-of-companies-fail-to-meet-gdprs-data-request-deadlines/568416/
AUTOMATING PRIVACY BY DESIGN
14
RESTRUCTURING ACCESS WITH RESOURCE-BASED GROUPS
OPEN 3 GROUPS,
ACCESS FIXED
DEPARTMENTAL PERMISSIONS,
SHARE NO MESSING
SINGLE AROUND
USERS
LOTS OF
OPTIONS
15
Current State Ideal State
- READ
- READ/WRITE
READ WRITE
Remove
16
AUTOMATED OUTCOMES
17
ADDING ROLES
READ WRITE
Role Exception Role Exception
EVERYONE
READ WRITE
Role Exception Role Exception
19
PRIORITIZING BASED ON RISK
• Negotiation
21
ONGOING GOVERNANCE AND ACCESS CERTIFICATION
Elaine Benes Sales Director of Finance Read: User has only read activity
Susan Ross Sales VP, Sales East None: User has no activity
Ruthie Cohen Sales Director, Sales Mid-Market None: User has no activity
22
Questions?
THANK YOU FOR ATTENDING
24
This training content (“content”) is provided to you without warranty, “as is” and “with
all faults”. ISACA makes no representations or warranties express or implied, including
those of merchantability, fitness for a particular purpose or performance, and non-
infringement, all of which are hereby expressly disclaimed.
You assume the entire risk for the use of the content and acknowledge that: ISACA
has designed the content primarily as an educational resource for IT professionals and
therefore the content should not be deemed either to set forth all appropriate
procedures, tests, or controls or to suggest that other procedures, tests, or controls
that are not included may not be appropriate; ISACA does not claim that use of the
content will assure a successful outcome and you are responsible for applying
professional judgement to the specific circumstances presented to determining the
appropriate procedures, tests, or controls.
Copyright © 2022 by the Information Systems Audit and Control Association, Inc. (ISACA). All rights reserved. This webinar may not be used, copied, reproduced,
modified, distributed, displayed, stored in a retrieval system, or transmitted in any form by any means (electronic, mechanical, photocopying, recording or otherwise).
25