Many employees can access millions of company files on their first day

Problem is often further compounded by poor active directory hygiene

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

On average, new employees can access about six millioncorporate documentson their first day on the job, a new report has claimed.

Based on an analysis of four billion files across 50 different organizations,cybersecurityvendor Varonis found a huge overexposure problem of data in the manufacturing industry.

“Manufacturers hold sensitive, and incredibly valuable data that puts them at risk. And as we saw with WannaCry, DarkSide and so many other attacks,ransomwarecan stop production lines and halt businesses. All too often, information is overexposed and under protected,” said Matt Lock, technical director, Varonis.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

In thereportVaronis argues that overexposed and under-protected data can cause all sorts of problems; from employees copying, sharing, and deleting sensitive information, to inadvertently leaking them to cybercriminals who then use it to gain a foothold onto the corporate network.

Limit access and impact

Varonis discovered that on average every employee can access about a fifth of the files in an organization. The number rises to a quarter for mid- and small-sized businesses.

Worryingly, four in ten organizations have 1,000+ sensitive files open to every employee. In fact, on average over 27,000 sensitive files, such as those with financial details, or trade secrets, or business plans, are open to everyone.

The study also revealed poor active directory hygiene with more than half (56%) of the surveyed companies having over 500 accounts with passwords that never expire, while 44% had over 1000 ghost users.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Based on their findings, Varonis believes that companies need to proactively take charge of data access in order to limit the damage attackers can do.

“Companies need to ask themselves three questions to better prepare for an attack: Do you know where your important data is stored? Do you know that only the right people have access to it? Do you know that they’re using data correctly? If you don’t know the answers to these three questions, you won’t be able to identify the early stages of a cyberattack,” asserts Lock.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

7 myths about email security everyone should stop believing

I’ve used Genmoji and now I’m convinced Apple Intelligence will be a huge success