Business data at risk from oversharing
Sharing is caring, as the saying goes, but when it comes to business data oversharing is a big problem. A new report from Concentric AI shows the number of overshared files rose 60 percent in 2022 compared to 2021.
Largely this is down to the impact of hybrid remote work, cloud migration and information sprawl across on-premises and cloud data, as well as email and messaging environments on data security.
Using its data security posture management (DSPM) solution, Semantic Intelligence, Concentric captured user data in production deployments during 2022 from companies in the technology, financial, and healthcare sectors to reveal how organizations create, use, and manage data.
The findings reveal that organizations averaged 802,000 files at-risk due to oversharing. That translates to 402 at-risk files per employee (up significantly from 251 files per employee in 2021). Link-based risky sharing is up to 100,000 documents per enterprise, up from 81,000 in 2021. 83 percent of at-risk files were overshared with users or groups within the company, while 17 percent of business-critical files were overshared with external third parties.
Nearly 32 percent of unstructured data identified was business-critical -- that's 500 million files in an average organization. Of those business-critical files, 16 percent could be seen by internal or external users who should not have had access. The report also found on average 87,000 business-critical files erroneously classified and inappropriately accessible by other employees per enterprise. Nearly 25 percent of all unstructured data contained PII and was not marked appropriately.
In addition more than 35 percent of files processed were duplicates (15 percent) or near-duplicates (20 percent). Maintaining multiple variant copies of sensitive information can create legal and regulatory risks, as well as significant unnecessary storage costs.
"As enterprises deal with exponential growth in data and sensitive information sprawled across the enterprise on-premise and cloud environments, often accessed remotely, data remains a vulnerable threat surface for most enterprises," says Karthik Krishnan, Concentric AI CEO. "As our 2022 Data Risk Report shows, unstructured data is still largely unseen, unexplored and insecure, and is too often overshared inside and outside organizations. This educational report for the industry demonstrates the power of Concentric AI's advanced deep-learning technology to solve the ongoing challenges of unstructured and structured data security – both in the cloud and on premises. Our Semantic Intelligence solution autonomously delivers the data risk insights enterprises need to help employees work productively -- remotely or in the office -- without sacrificing security."
The full report is available from the Concentric AI site.
Image Credit: Chiran Vlad / Shutterstock