UPDATED 00:00 EDT / APRIL 04 2018

INFRA

Report finds enterprises are often their own worst enemy when it comes to file security

A new report from data security firm Varonis Systems Inc. has found that enterprises are often their own worst enemy when it comes to security by exposing confidential files and folders to employees who did not require access to them.

The report, “Data Under Attack: 2018 Global Data Risk Report,” found that on average, 21 percent of a company’s folders were accessible to every employee, while 41 percent of companies had at least 1,000 sensitive files open to all employees.

Based on analysis of data risk assessments conducted by Varonis in 2017 for customers and potential customers of their file systems, the numbers go from bad to worse, with 58 percent of organizations having more than 100,000 folders open to all employees.

On the security front, 46 percent of organizations had more than 1,000 users with passwords that never expire and 34 percent of all accounts were found to be so-called “ghost” users, those with inactive accounts that still have access to files and folders. In addition, 54 percent of data was rated as stale, that is, files no longer used, presenting further security risks while also adding to storage costs and complicating data management.

“It only takes one leaked sensitive file to cause a headline-making data breach,” Varonis Technical Evangelist Brian Vecci said in a statement. “And we’re seeing hundreds of thousands of exposed sensitive folders in our risk assessments.”

Vecci added that executives and board members are starting to understand how much of their data is at risk. “They need to know these exposed folders can be fixed,” he said. “We’ve seen how one unpatched server can lead to a disaster; a single ‘unpatched’ folder can be just as disastrous, and it doesn’t take an expert or sophisticated code to exploit it.”

The figures in the report, a full copy of which is available from Varonis, was based on data risk assessments performed on 130 organizations and more than 6 billion files, with an average of 36,242 user accounts, more than 3.5 million folders and more than 48 million files per company.

Picture: derekskey/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.

Cookies

We employ the use of cookies. Find out more.