Latest News Headlines
Commercial Credit News
|Why Most Companies Are Easy Prey for Cyber Attackers|
|Wednesday, 23 March 2016|
Varonis Systems, Inc. (NASDAQ:VRNS), a leading provider of software solutions that protect data from insider threats and cyberattacks, today revealed the results of a year of anonymous data collected during risk assessments conducted for potential customers on a limited subset of their file systems. The 2015 results show a staggering level of exposure in corporate file systems, including an average of 9.9 million files per assessment that were accessible by every employee in the company.
Of the insights gleaned from dozens of customer risk assessments conducted in mid-to-large enterprises prior to remediation, in a subset of each company’s file systems, Varonis found the average company had:
35.3 million files, stored in 4 million folders, meaning the average folder has 8.8 files
1.1 million folders, or an average of 28% of all folders, with “everyone” group permission enabled –open to all network users
9.9 million files that were accessible by every employee in the company regardless of their roles
2.8 million folders, or 70% of all folders, contained stale data -- untouched for the past six months
25,000 user accounts, with 7,700 of them or 31% “stale” – having not logged in for the past 60 days, suggesting former employees, employees who changed roles, or consultants and contractors whose engagements have ended
The ‘everyone’ group is a common convenience for permissions when originally set up. That mass access also makes it astonishingly easy for hackers to steal company data.
Some individual companies’ lowlights that were gleaned from the Varonis risk assessments:
In one company, every employee had access to 82% of the 6.1 million total folders.
Another company had more than 2 million files containing sensitive data (credit card, social security or account numbers) that everyone in the company could access.
50% of another company’s folders had “everyone” group permission and more than 14,000 files in those folders were found to contain sensitive data.
A single company had more than 146,000 stale users – accounts whose users had not logged in for the past 60 days. That’s nearly three times more users than the average FORTUNE 500 company has total employees.
David Gibson, Vice President of Strategy and Market Development at Varonis, said, “Although this data presents a bleak look at the average enterprise’s corporate file system environment, the organisations running these risk assessments are taking these challenges seriously. Most of them have since implemented Varonis, embracing a more holistic view of the data on their file and email systems and closing these gaping, often unseen security holes before the next major breach causes heavy damage. Our software is able to provide a granular look at where sensitive data lives, where it is over-exposed within an organisation, who is accessing that data, and how to lock it down. While that remediation process is running, our ability to start detecting and stopping many types of insider threats has been a major revelation for our customers.”
Forums International Ltd
Attendance at your first meeting is free of charge, and please quote reference 'CCR2016' to receive the special 10% discount off of your first annual subscription.
Find out more here.
The latest edition of CCR Magazine, the leading editorial publication in the UK credit industry, is out.
CCR is the premier magazine for consumer and credit professionals. It provides an independent voice to the industry, breaking major news stories and running in-depth features.
As a magazine, it works with and campaigns on behalf of the credit industry to promote its importance as a centre of potential profit and business development to the wider business world.
Providing information and analysis for thousands of senior credit professionals worldwide, every quarter.
GTS Media Ltd
81 Cambridge Road
Registered in England No: 05483197