Businesses Still Fail to Ensure Protection of Sensitive Company Data—Varonis

Big Data

Post-GDPR studies showed that some companies have their databases still can be accessed by their employees / Photo by: Ryan Adams via Flickr


The average company has over half of million files stored away in their systems with 17 percent still accessible to every employee, according to the Monday report of security software provider Varonis Systems Ltd.

The fact comes nearly a year after the General Data Protection Regulation (GDPR) was enacted. GDPR is a regulation that codifies and unifies data privacy laws throughout member countries of the European Union.

According to TechRepublic, the Varonis report assessed over 700 data risk examinations conducted by its engineers to find out how rampant and severe the cases of the exposed sensitive files are.

Over half of the companies in the assessment found that more than a thousand sensitive company files were accessible to every employee; about 22 percent of all documents were open to people working in the company while 51 percent found that their employees can easily access over a hundred thousand (100,000) folders.

Businesses keep millions of files in folders and sites both in the cloud and on-premise, TechRepublic states, citing the Monday report. However, the tech news site adds, the sensitive files stored in those folders and sites are left to be available for viewing by any one of their employees since most of these storage spaces are not properly secured.

The report noted that this would mean it would only take a single employee to compromise the system and cause a data breach. Varonis also highlighted that corporate global access groups—such as Everyone, Domain Users, and Authenticated Users—also provide both inside and outside hackers that penetrate the network for easy access to sensitive files.

"Globally accessible data puts organizations at risk from insiders, malware and ransomware attacks: it takes just one click on a phishing email to set off a chain reaction that encrypts or destroys all accessible files," the report said.

The security software provider also found that companies are struggling to maintain data up-to-date with 53 percent of which was stale and 58 percent of companies finding more than a thousand stale user accounts.