DSPM Report Highlights Risks That Lead to Significant Data Breaches  

Our new DSPM research reveals that companies are widening their blast radius through overshared permissions, ghost user accounts, missing MFA, and more.
Shane Walsh
2 min read
Last updated March 24, 2024
DSPM radar surfacing findings. Varonis also shows how to fix them.

Confusing permission settings, overshared sensitive data, and vulnerable stale accounts can widen an organization's blast radius — which is already growing faster than security teams can keep up. 

While the cloud helps organizations collaborate, it also presents unique data security challenges. Most organizations need to secure data both in the cloud and on-prem with a data security posture management (DSPM) solution that helps manage the complexities of these hybrid environments.

Your DSPM solution needs to go beyond visibility to fix the problems it surfaces and continuously monitor for threats — wherever your sensitive data lives. 

DSPM Snapshot

To assess the true state of data security within hybrid cloud environments, Varonis created the DSPM Snapshot report. Rather than relying on subjective surveys, we rolled up our sleeves and analyzed hundreds of Data Risk Assessments to determine where organizations are at risk and how they can strengthen their data security posture. Our team examined nearly 15 billion — yes, billion — files for the report. 

Below are just a few key findings from our research: 

  • The blast radius continues to expand. The ability to share information with a single click is convenient, but it exposes your company’s critical information significantly. Nearly 50 percent of files shared with all users contain sensitive data.
  • Ghost users are haunting your data. Ghost users, which are former employees or vendors who no longer work with your company but still have access to applications and data, are less likely to be monitored. This makes it easier for attackers to quietly attempt a brute-force attack without tripping alarms. In the average organization, 35 percent of ghost users are still enabled.
  • Problems with stale data and outdated access are growing. Nearly one-third of permissions for sensitive data are stale and significantly weigh down a company’s cybersecurity posture. Numerous high-profile data breaches in recent years have involved attackers abusing a company’s stale permissions. 
  • Admins are not protecting their accounts. We found that 60 percent of an average company's administrative accounts do not enable multi-factor authentication, making it easier for attackers to compromise internally exposed data.

Read the full report to learn more: DSPM Snapshot 

Want to see how your security posture stacks up?

Don't settle for partial visibility and a lack of results. Equip your team with automated outcomes to protect sensitive data and reduce cyber risks. 

As the No. 1-rated DSPM solution in Gartner Peer Insights, Varonis automatically remediates risk, enforces policies, and detects threats in real time.

Get started with our free Data Risk Assessment. In less than 24 hours, you’ll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. 

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

varonis-enhances-salesforce-security-with-high-risk-permissions-remediation
Varonis Enhances Salesforce Security With High-Risk Permissions Remediation
Identify and automatically remediate high-risk Salesforce permissions to reduce risk and improve your SaaS security posture.
protecting-salesforce:-remediating-misconfigured-sites
Protecting Salesforce: Remediating Misconfigured Sites
Varonis enables organizations to identify and remediate misconfigured Salesforce Site guest permissions that expose sensitive data publicly.
protecting-salesforce:-preventing-public-link-creation
Protecting Salesforce: Preventing Public Link Creation
Identify and prevent the creation of Salesforce public links and reduce your blast radius with Varonis.
automate-exchange-distribution-list-management
Automate Exchange Distribution List Management
From a business perspective, distribution lists (DLs) for email communications are a powerful and well-understood concept in IT. And they are popular: Exchange admins have voted with their right-clicks, creating...