Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

DSPM Report Highlights Risks That Lead to Significant Data Breaches  

Our new DSPM research reveals that companies are widening their blast radius through overshared permissions, ghost user accounts, missing MFA, and more.
Shane Walsh
2 min read
Last updated March 24, 2024
DSPM radar surfacing findings. Varonis also shows how to fix them.

Confusing permission settings, overshared sensitive data, and vulnerable stale accounts can widen an organization's blast radius — which is already growing faster than security teams can keep up. 

While the cloud helps organizations collaborate, it also presents unique data security challenges. Most organizations need to secure data both in the cloud and on-prem with a data security posture management (DSPM) solution that helps manage the complexities of these hybrid environments.

Your DSPM solution needs to go beyond visibility to fix the problems it surfaces and continuously monitor for threats — wherever your sensitive data lives. 

DSPM Snapshot

To assess the true state of data security within hybrid cloud environments, Varonis created the DSPM Snapshot report. Rather than relying on subjective surveys, we rolled up our sleeves and analyzed hundreds of Data Risk Assessments to determine where organizations are at risk and how they can strengthen their data security posture. Our team examined nearly 15 billion — yes, billion — files for the report. 

Below are just a few key findings from our research: 

  • The blast radius continues to expand. The ability to share information with a single click is convenient, but it exposes your company’s critical information significantly. Nearly 50 percent of files shared with all users contain sensitive data.
  • Ghost users are haunting your data. Ghost users, which are former employees or vendors who no longer work with your company but still have access to applications and data, are less likely to be monitored. This makes it easier for attackers to quietly attempt a brute-force attack without tripping alarms. In the average organization, 35 percent of ghost users are still enabled.
  • Problems with stale data and outdated access are growing. Nearly one-third of permissions for sensitive data are stale and significantly weigh down a company’s cybersecurity posture. Numerous high-profile data breaches in recent years have involved attackers abusing a company’s stale permissions. 
  • Admins are not protecting their accounts. We found that 60 percent of an average company's administrative accounts do not enable multi-factor authentication, making it easier for attackers to compromise internally exposed data.

Read the full report to learn more: DSPM Snapshot 

Want to see how your security posture stacks up?

Don't settle for partial visibility and a lack of results. Equip your team with automated outcomes to protect sensitive data and reduce cyber risks. 

As the No. 1-rated DSPM solution in Gartner Peer Insights, Varonis automatically remediates risk, enforces policies, and detects threats in real time.

Get started with our free Data Risk Assessment. In less than 24 hours, you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. 

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

Interview With Wade Baker: Verizon DBIR, Breach Costs, & Selling Boardrooms on Data Security
Wade Baker is best known for creating and leading the Verizon Data Breach Investigations Report (DBIR). Readers of this blog are familiar with the DBIR as our go-to resource for...
DSPM vs. CSPM Solutions: Bridging Data and Cloud Security With Varonis
Explore the essential roles of DSPM and CSPM solutions, and see how Varonis uniquely enables you to bridge the gap between cloud and data security. 
Varonis MDDR: Industry's First Managed Data Detection and Response Offering
Varonis MDDR introduces a new 24x7x365 threat detection and response service built to stop data breaches.
DSPM Deep Dive: Debunking Data Security Myths
DSPM is the leading acronym in cybersecurity. However, the recent buzz has cluttered the meaning of data security posture management. Let's demystify it.