An average of 20% of folders per organization are open to every employee, according to survey data from Varonis. In fact, about half (47%) of organizations were found to have at least 1,000 sensitive files accessible to every employee. And a fifth (22%) had 12,000 or more sensitive files exposed to every employee.
Varonis has conducted more than a thousand risk assessments for customers and potential customers on a subset of their file systems. The assessment provides insight into the risks associated with corporate data, identifies where sensitive and regulatory data resides, reveals over-exposed and high-risk areas, and makes recommendations to strengthen their data security posture. In crunching the numbers for its Varonis Data Risk Report, analysts examined 236.5 million folders containing 2.8 billion files, comprising 3.79 petabytes of data.
Of those folders, 48.1 million were open to “global access groups,” or groups that grant access to the entire organization. Also, 71% of all folders contained stale data, accounting for almost 2 petabytes of data, and 24.4 million folders had unique permissions, increasing complexity and making it more difficult to enforce a least privilege model and comply with regulations like the General Data Protection Regulation (GDPR).
Failure to reduce the use of global access groups, lock down sensitive files and dispose of stale data exposes an organization to data breaches, insider threats and crippling ransomware attacks.
“In data breaches and ransomware attacks, files are targeted because they are high-value assets and usually vulnerable to misuse by insiders and outsiders that transgress the perimeter. While organizations focus on outer defenses and chasing threats, the data itself is left broadly accessible and unmonitored,” said Ken Spinner, VP of field engineering at Varonis.