One in five healthcare files is open to all employees
A new report from Varonis reveals some startling statistics about healthcare data, with almost 20 percent of files open to all employees in an organization.
In addition the average healthcare organization has over 31,000 files -- including those that include HIPAA-protected information, financial data, and proprietary research -- open to everyone.
The percentage of files open to all is greater in small and medium organizations (25 percent and 23 percent) than in larger ones (16 percent). On their first day at work, new employees at small companies may have instant access to over 11,000 exposed files, and nearly half of them contain sensitive data. This creates a massive attack surface and increases the risk of non-compliance in the event of a data breach.
Also worrying is that 77 percent of the companies surveyed had 500 or more accounts with passwords that never expire. 79 percent also have more than 1,000 'ghost users' -- accounts that are inactive but still enabled -- giving hackers an opportunity to move through networks.
Rachel Hunt, content and media relations manager at Varonis writes on the company's blog, "As the saying goes, hackers only need to be right once. One successful phishing email can set off a ransomware chain reaction that encrypts every file it touches. A single insider with unrestricted access to file shares can copy, change, or delete thousands or even millions of documents."
You can find out more and get the full report on the Varonis blog.