Employee Access to Data Leaving Companies at Risk
Fifty-three percent of companies have over 1,000 sensitive files open to every employee, up from 41 percent last year, according to the 2019 Data Risk Report.
Fifty-one percent of companies found over 100,000 folders open every employee and 22 percent of folders were open to every employee.
Global access groups, such as Everyone, Domain Users, or Authenticated Users, give insiders and outside attackers that get in easy access to files inside. Globally accessible data puts organizations at risk from insiders, malware and ransomware attacks: it takes just one click on a phishing email to set off a chain reaction that encrypts or destroys all accessible files. The files analyzed included data subject to regulations like GDPR, PCI, HIPAA and the upcoming California Consumer Privacy Act (CCPA). Exposed data can cost companies: regulations like the EU General Data Protection Regulation (GDPR) penalize companies that fail to protect personal information that often resides in unsecured files and folder.
Key findings include:
- 17 percent (117,317) of all sensitive files were accessible to every employee.
- 58 percent of companies found over 1,000 stale user accounts.
- 53 percent of data, on average, was stale.
- 15 percent of companies found more than 1 million folders open to every employee.
- Across the entire dataset, 22 percent of all folders were exposed to every employee, up from 21 percent last year.
- 80 percent of companies with over 1 million folders found over 50,000 folders open to every employee.
- 76 percent of companies found over 1,000 folders with unresolved SIDs.
- 58 percent of companies found over 1,000 folders that had inconsistent permissions.
- 27 percent of a company’s users had removal recommendations, and were likely to have more access to data than they require.
- 15 percent of folders were uniquely permissioned.
- Only 5 percent of folders were protected.