2017 Varonis Global Data Risk Report

47% of organizations have at least 1,000 sensitive files open to every employee—an alarming level of exposure for corporate data.

Answering The Question:

How safe is my data?

To find out, we looked at data from 1,000s of risk assessments that we perform a year - analyzing statistics from billions of events, over 800 TB of data, 421 million folders, and 4.7 billion files. These assessments give insight into common security vulnerabilities and risks that leave enterprise data exposed and open for cyberattacks and data breaches.



How much data are we talking here?

2.8 Billion files

236.5 Million folders

3.79 Petabytes of data

6 Terabytes of data

(Median Amount)

33 Industries

Including Insurance, Financial Services, Healthcare, Retail, Utilities & Energy, Construction, IT and Computer Software, Education and Public Sector

12 Countries

Including the United States, Canada, United Kingdom, France, Germany and Malaysia.

Access Overload

The more sensitive information is, the fewer people should be able to access it. Some of the biggest data breaches in the past year - the ones that cost companies billions - stem from a user who had access to files they shouldn’t have been able to see in the first place.

48,054,198 million

folders were open to global access groups (accessible to the entire organization)

47% had at least

1,000 sensitive files open to every employee

22% had 12,000

1,000 sensitive files open to every employee

Stale Data

Keeping stale data around is like leaving a your old credit cards and bank statements in a pile on the street, waiting for recycling to pick them up. Just because you don’t use it anymore doesn’t mean that the hackers can’t.

1.95 petabytes

of stale data found

169,060,167 folders

contained stale data

71% all folders

contained stale data

Ghost in the Machine

Identity theft is just as rampant (and dangerous) in file servers as it is in real life. If you’ve got outdated users with active accounts, it’s like handing over a new set of papers to your hacker.

448,224 user accounts

were stale but enabled

47% of users

had removal recommendations - but were still active

502,706 user accounts

had non-expiring passwords

Want to see what’s hiding in your data?