Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot. Learn more

DSPM Report Highlights Risks That Lead to Significant Data Breaches  

Our new DSPM research reveals that companies are widening their blast radius through overshared permissions, ghost user accounts, missing MFA, and more.
Shane Walsh
2 min read
Last updated March 24, 2024
DSPM radar surfacing findings. Varonis also shows how to fix them.

Confusing permission settings, overshared sensitive data, and vulnerable stale accounts can widen an organization's blast radius — which is already growing faster than security teams can keep up. 

While the cloud helps organizations collaborate, it also presents unique data security challenges. Most organizations need to secure data both in the cloud and on-prem with a data security posture management (DSPM) solution that helps manage the complexities of these hybrid environments.

Your DSPM solution needs to go beyond visibility to fix the problems it surfaces and continuously monitor for threats — wherever your sensitive data lives. 

DSPM Snapshot

To assess the true state of data security within hybrid cloud environments, Varonis created the DSPM Snapshot report. Rather than relying on subjective surveys, we rolled up our sleeves and analyzed hundreds of Data Risk Assessments to determine where organizations are at risk and how they can strengthen their data security posture. Our team examined nearly 15 billion — yes, billion — files for the report. 

Below are just a few key findings from our research: 

  • The blast radius continues to expand. The ability to share information with a single click is convenient, but it exposes your company’s critical information significantly. Nearly 50 percent of files shared with all users contain sensitive data.
  • Ghost users are haunting your data. Ghost users, which are former employees or vendors who no longer work with your company but still have access to applications and data, are less likely to be monitored. This makes it easier for attackers to quietly attempt a brute-force attack without tripping alarms. In the average organization, 35 percent of ghost users are still enabled.
  • Problems with stale data and outdated access are growing. Nearly one-third of permissions for sensitive data are stale and significantly weigh down a company’s cybersecurity posture. Numerous high-profile data breaches in recent years have involved attackers abusing a company’s stale permissions. 
  • Admins are not protecting their accounts. We found that 60 percent of an average company's administrative accounts do not enable multi-factor authentication, making it easier for attackers to compromise internally exposed data.

Read the full report to learn more: DSPM Snapshot 

Want to see how your security posture stacks up?

Don't settle for partial visibility and a lack of results. Equip your team with automated outcomes to protect sensitive data and reduce cyber risks. 

As the No. 1-rated DSPM solution in Gartner Peer Insights, Varonis automatically remediates risk, enforces policies, and detects threats in real time.

Get started with our free Data Risk Assessment. In less than 24 hours, you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. 

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:


Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.


See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.


Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

DSPM Buyer's Guide: How To Choose a DSPM Solution
Understand the different types of DSPM solutions, avoid common pitfalls, and ask questions to ensure you purchase a data security solution that meets your unique requirements.
DSPM Deep Dive: Debunking Data Security Myths
DSPM is the leading acronym in cybersecurity. However, the recent buzz has cluttered the meaning of data security posture management. Let's demystify it.
The Future of Cloud Data Security: Doing More With DSPM
Learn what you need to be aware of when evaluating a DSPM solution, why IaaS automation is crucial, and how you can prepare your org for the future of DSPM.
DSPM vs. CSPM Solutions: Bridging Data and Cloud Security With Varonis
Explore the essential roles of DSPM and CSPM solutions, and see how Varonis uniquely enables you to bridge the gap between cloud and data security.