Many employees can access millions of company files on their first day

By Mayank Sharma
published

Problem is often further compounded by poor active directory hygiene

Representational image of data security
(Image credit: Kingston)
Audio player loading…

On average, new employees can access about six million corporate documents (opens in new tab) on their first day on the job, a new report has claimed.

Based on an analysis of four billion files across 50 different organizations, cybersecurity (opens in new tab) vendor Varonis found a huge overexposure problem of data in the manufacturing industry.

“Manufacturers hold sensitive, and incredibly valuable data that puts them at risk. And as we saw with WannaCry, DarkSide and so many other attacks, ransomware (opens in new tab) can stop production lines and halt businesses. All too often, information is overexposed and under protected,” said Matt Lock, technical director, Varonis.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window (opens in new tab) <<

In the report (opens in new tab) Varonis argues that overexposed and under-protected data can cause all sorts of problems; from employees copying, sharing, and deleting sensitive information, to inadvertently leaking them to cybercriminals who then use it to gain a foothold onto the corporate network.

Limit access and impact

Varonis discovered that on average every employee can access about a fifth of the files in an organization. The number rises to a quarter for mid- and small-sized businesses.

Worryingly, four in ten organizations have 1,000+ sensitive files open to every employee. In fact, on average over 27,000 sensitive files, such as those with financial details, or trade secrets, or business plans, are open to everyone.

The study also revealed poor active directory hygiene with more than half (56%) of the surveyed companies having over 500 accounts with passwords that never expire, while 44% had over 1000 ghost users.

Based on their findings, Varonis believes that companies need to proactively take charge of data access in order to limit the damage attackers can do.

“Companies need to ask themselves three questions to better prepare for an attack: Do you know where your important data is stored? Do you know that only the right people have access to it? Do you know that they’re using data correctly? If you don’t know the answers to these three questions, you won’t be able to identify the early stages of a cyberattack,” asserts Lock.

Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

See more Computing news