Nearly 60 million users and 68% of the Fortune 500 use Box for collaboration and file sharing. The same ease of use that makes Box great for working with clients and vendors also makes it a risk to data security. Files that shouldn’t be shared can be exposed, potentially causing data breaches without the knowledge of security or IT teams.
In a recent case, the Varonis Incident Response (IR) team detected a user who had unknowingly uploaded a file to Box that contained personally identifiable information (PII), including over 1,100 employee names and Social Security numbers. The file had been made publicly accessible, putting the information at serious risk of exposure and breach.
The Varonis IR team caught this exposure and remediated the issue before a malicious actor could discover it. On average, the Varonis IR team prevents five data breaches a day across our customer base, providing expertise that many organizations lack in-house.
In this blog, we’ll discuss the incident, including the data security risk inherent in Box and how Varonis helps to ensure that sensitive data in Box is secure.
Collaboration platforms and data risk
This incident highlights a broader challenge faced by many organizations: the sheer volume of data stored in cloud collaboration platforms like Box, GitHub, Jira, and ServiceNow makes it nearly impossible to track the movement of sensitive data and properly manage access.
Without the right tools and expertise, detecting this kind of exposure would require:
- A full internal audit of all exposed files — an enormous and time-consuming task
- Manual inspection of file contents to identify PII
- Ongoing monitoring of file permissions and public links
One slip-up could be costly in today’s threat environment, and few organizations have the resources and expertise to maintain all three activities across their collaboration tools.
Varonis Incident Response
In this example, the Varonis Data Security Platform had already been deployed to monitor the customer’s cloud environment and applications. During a regular review of the customer's security posture, the Varonis team identified their sensitive content. One file — a publicly accessible Excel spreadsheet that contained sensitive information — stood out.
Using Varonis’ analysis tools, the IR team confirmed the presence of PII. They immediately used the Platform’s automated remediations to revoke the public link, ensuring the file was no longer accessible.
To prevent future incidents, the team built a custom report to help the customer proactively identify and remediate similar exposures. The customer now uses this report regularly to monitor for sensitive data exposures and take swift action.
The customer was relieved and appreciated the quick response and resolution. Along with an improved security posture, they have the assurance that the Varonis IR team is watching their data and ready to respond.
Proactive data security
This incident is a powerful reminder of the importance of proactive data security. With Varonis, organizations can:
- Automate the discovery of sensitive data and risky permissions
- Detect and remediate exposures before they become breaches
- Collaborate and share data with confidence
In a world where data is everywhere, Varonis ensures it’s only accessible to the right people. Want to learn how Varonis can help your organization? Take our free Data Risk Assessment to have access to the Varonis Platform and your own dedicated IR analyst.
