Of the insights gleaned from dozens of customer risk assessments conducted in mid-to-large enterprises prior to remediation, in a subset of each company’s file systems, Varonis found the average company had:
- 35.3 million files, stored in 4 million folders, meaning the average folder has 8.8 files
- 1.1 million folders, or an average of 28% of all folders, with “everyone” group permission enabled –open to all network users
- 9.9 million files that were accessible by every employee in the company regardless of their roles
- 2.8 million folders, or 70% of all folders, contained stale data -- untouched for the past six months
- 25,000 user accounts, with 7,700 of them or 31% “stale” – having not logged in for the past 60 days, suggesting former employees, employees who changed roles, or consultants and contractors whose engagements have ended
The ‘everyone’ group is a common convenience for permissions when originally set up. That mass access also makes it astonishingly easy for hackers to steal company data.
Some individual companies’ lowlights that were gleaned from the Varonis risk assessments:
- In one company, every employee had access to 82% of the 6.1 million total folders.
- Another company had more than 2 million files containing sensitive data (credit card, social security or account numbers) that everyone in the company could access.
- 50% of another company’s folders had “everyone” group permission and more than 14,000 files in those folders were found to contain sensitive data.
- A single company had more than 146,000 stale users – accounts whose users had not logged in for the past 60 days. That’s nearly three times more users than the average FORTUNE 500 company has total employees.
David Gibson, Vice President of Strategy and Market Development at Varonis, said, “Although this data presents a bleak look at the average enterprise’s corporate file system environment, the organisations running these risk assessments are taking these challenges seriously. Most of them have since implemented Varonis, embracing a more holistic view of the data on their file and email systems and closing these gaping, often unseen security holes before the next major breach causes heavy damage. Our software is able to provide a granular look at where sensitive data lives, where it is over-exposed within an organisation, who is accessing that data, and how to lock it down. While that remediation process is running, our ability to start detecting and stopping many types of insider threats has been a major revelation for our customers.”