Businesses are literally waving their sensitive data in the air, just waiting for hackers to come and snatch them. Those are basically the results of a new comprehensive report by threat protection company Varonis Systems.
The company collected anonymous data during risk assessments for potential customers for a year, and has now transformed that data into useful insights, showing a ‘staggering level of exposure in corporate file systems’.
In the report, Varonis says that the average mid-to-large company has 35.3 million files in 4 million folders, meaning an average folder has 8.8 files. Now, 28 per cent of all folders, or 1.1 million of them, have the “everyone” group permission enabled, meaning they’re open to all network users, including those who shouldn’t be there in the first place.
Further 9.9 million files were accessible by everyone, no matter of their role. Another important discovery is that out of 25,000 user accounts, 7,700 (31 per cent) of them were ‘stale’ – not being logged in for the past 60 days.
David Gibson, Vice President of Strategy and Market Development at Varonis, said, “Although this data presents a bleak look at the average enterprise’s corporate file system environment, the organisations running these risk assessments are taking these challenges seriously. Most of them have since implemented Varonis, embracing a more holistic view of the data on their file and email systems and closing these gaping, often unseen security holes before the next major breach causes heavy damage. Our software is able to provide a granular look at where sensitive data lives, where it is over-exposed within an organisation, who is accessing that data, and how to lock it down. While that remediation process is running, our ability to start detecting and stopping many types of insider threats has been a major revelation for our customers.”