Matt Lock, Director of Sales Engineers at Varonis, explores why organisations are still struggling to lock down access to sensitive files, as well as what they can do to mitigate the risks of unmanaged and oversubscribed data access.
Imagine you worked in an office that created a huge amount of sensitive data exclusively in hard copy and the only way to store it was in filing cabinets. After years in business, nobody has seen fit to clear out old files: there are now filing cabinets all over the place bursting at the seams storing information. To help save space a large number of these files are kept at a separate storage unit on the other side of town.
With employee turnover, no one can remember what files are being stored from more than a few years ago or where they are kept. Further, when employees leave and others join due to employees leaving and others starting, keys to the filing cabinets have been misplaced. File cabinets are left unlocked for easy access. Staff share keys with their colleagues. Nobody has a clear idea of who can access what, or even if those who have the keys to the filing cabinets are current employees.
Sounds like a nightmare doesn’t it? Yet thousands of businesses are doing the equivalent of this with their digital information. Just because you can’t physically see the chaos being caused doesn’t make it any less real or less of a threat to the security of your organisation and your data.
Businesses are creating, receiving, processing and storing more information than ever before. Often the simplest and most cost-effective way of storing this information is by purchasing remote storage in the cloud. This is undeniably the most convenient way to keep files; capacity can be increased or reduced as demand dictates, and it is easy to provide access to workers based in any location.
However, increasing storage capacity is a double-edged sword for businesses, in that it is easy to keep adding files without having to clear any out. Research by Varonis found that more than half (53 percent) of all data in a company is stale, and nearly nine out of 10 (87 percent) of companies had more than 1,000 stale files – seven out of 10 (71 percent) had more than 5,000.
Also of interest: The BYOD juggling act: balancing security, privacy and mobility