Inside Out Security Blog   /  

The 2021 Financial Data Risk Report Reveals Every Employee Can Access Nearly 11 Million Files

The 2021 Financial Data Risk Report Reveals Every Employee Can Access Nearly 11 Million Files


    Financial services organizations must safeguard tons of highly sensitive information, but data is often left exposed to far too many people. If just one employee clicks on a phishing email, attackers will move into action fast – and they’ll be able to copy, change, encrypt or delete any files the victim can touch. Pretty scary, huh?

    To highlight the most common and pervasive issues around enterprise data security, we developed the 2021 Financial Data Risk Report. The new report delves into the state of data security – on-premises, cloud, and hybrid environments – for banking, insurance, and investment companies.

    We analyzed a random sample of Data Risk Assessments for 56 companies to uncover how exposed companies really are. Our analysts crunched the numbers and examined 4 billion files for the report.

    Here are just a few key findings:

    • A financial services employee has access to nearly 11 million files. For larger companies, the number doubles to 20 million files.
    • 20% of all folders are open to every employee.
    • 39% of companies have over 10,000 stale — but enabled — user accounts.
    • Nearly two-thirds of companies have 1,000+ sensitive files open to every employee.
    • About 60% of companies have 500+ passwords that never expire.


    Read the full report: 2021 Financial Services Data Risk Report

    👋 Want to see where you stack up?

    Get a highly customized data risk assessment run by engineers who are obsessed with data security. Request yours at

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Twitter, Reddit, or Facebook.

    Get a free Risk Assessment

    You can't protect what you don't know is vulnerable.

    Give us 90-minutes of your time, and we'll create a Free Risk Assessment that will open your eyes to your unknown weak spots—fast, and without adding work to your plate.

    Start Your Risk Assessment