2018 Varonis Global Data Risk Report

58% of companies have over 100,000 folders open to every employee.

Despite enormous consequences of this addressable challenge, companies continue to expose sensitive information to insider threats, ransomware and other risks.

Answering The Question:

How safe is my data?

The 2018 Global Data Risk Report is a consolidated report that captures findings of Data Risk Assessments performed on 130 organizations — a representative sample from more than 30 industry segments and sizes. For this year's report, Varonis analyzed more than 6 billion files, more than double the number in our 2017 report, with an average of 36,242 user accounts, 3,531,978 folders and 48,051,109 files per company.



How much data are we talking here?

6.2 Billion files

459.2 Million folders

5.5 Petabytes of data

11.1 Terabytes of data

(Median Amount)

30+ Industries

Including Insurance, Financial Services, Healthcare, Retail, Utilities & Energy, Construction, IT and Computer Software, Education and Public Sector.

50+ Countries

Including the United States, Canada, United Kingdom, France, Germany and Malaysia.

Access Overload

The more sensitive information is, the fewer people should be able to access it. Some of the biggest data breaches in the past year - the ones that cost companies billions - stem from a user who had access to files they shouldn’t have been able to see in the first place.

21% of all folders

in a company were open to every employee

41% of companies

have over 1,000 sensitive files open to every employee

88% of companies

with over 1 million folders have over 100,000 folders open to everyone

Stale Data

Keeping stale data around is like leaving your old credit cards and bank statements in a pile on the street, waiting for recycling to pick them up. Just because you don’t use it anymore doesn’t mean that the hackers can’t.

76% of folders

in a company contain stale data

61% of companies

have over 5,000 stale sensitive files

76% all folders

contained stale data

Ghost in the Machine

Identity theft is just as rampant (and dangerous) in file servers as it is in real life. If you’ve got outdated users with active accounts, it’s like handing over a new set of papers to your hacker.

34% of user accounts

are stale but enabled

65% of companies

have over 1,000 stale user accounts

64% of user accounts

are stale or inactive

Want to see what’s hiding in your data?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.