“How safe is my data?” is among the more critical questions for organisations today. That’s concerning because recent research has shown that huge amounts of sensitive information continue to be exposed to insider threats, ransomware and other risks.
This is despite the known, significant, potential consequences of such data falling into the wrong hands or becoming corrupted, whether as a result of malicious activity, or simple human error.
Drawing on data risk assessments performed on 130 organisations of diverse types and sizes, the research is based on detailed analysis of more than six billion files – some 5.5 Petabytes of data – across an average of over 30 thousand user accounts and three million folders per company.
The results make for sobering reading. Essentially, there’s a free-for-all sensitive data pick-n-mix just waiting to be plundered, in server after server around the world, across sectors, in companies of all sizes.
58% of all companies, and almost 90% of companies with more than 1 million folders have over 100,000 folders open to every employee. Over 40% of companies have more than 1,000 sensitive files open to all employees.
The more sensitive information is, the fewer people should be able to access it, so this is a serious issue. In fact, some of the biggest data breaches in the past year, costing the affected organisations billions, were triggered by users with access to files they shouldn’t even be able to see.
The report found that more than three-quarters of all folders contain rarely accessed data that should have been archived – stale data. Meanwhile. 61% of companies have more than 5,000 stale files containing sensitive data.
Data doesn’t cease to be sensitive, or become inaccessible, simply because it isn’t used any more. It sits there, forgotten, a privacy and security timebomb, just waiting for an employee mistake or a malicious attack.
More than one in three user accounts are no longer used – and almost two-thirds of companies each have over a thousand of them. Unused and forgotten, they remain active, just waiting to be taken over by hackers and compromised.
These are just a few highlights among the issues that lurk, hidden, in the vast data ecosystems, on-premise and in the cloud, owned by organisations today. For the full picture, download the full 2018 Global Data Risk Report here.
Technology and a good process can assist
There are hundreds of security solutions and best practice security frameworks organisations can use to develop a robust security posture and help mitigate many of the risks posed by human beings inside as well as outside the organisation.
If you would like to discuss the options your organisation has when developing your security strategy our Cyber & Data security experts are on hand to answer questions and help you identify potential ways to address the risks posed. Book a ‘no obligations’ call with one of our team here.
The Human Factor Guide
Find out who else in your organisation may pose a security risk by downloading our full guide here.