Cybersecurity Risk Is Surging Due to Oversharing of Unstructured Data All-Over Enterprises

Cybersecurity Risk Is Surging Due to Oversharing of Unstructured Data All-Over Enterprises

Several business-critical and sensitive documents have been overshared through increased link sharing, internal permission misconfigurations, inappropriate external sharing, and more.

Threat actors always look for opportunities to exploit vulnerabilities or certain situations to prey on digital users. With increased remote working norms across organizations, an employee is required to comply with the company security standards.

Over the last one year, the number of overshared files soared by nearly 450%, reveals a recent study by Concentric. This trend highlights the significant consequence of the pandemic-induced remote work on data security globally.

Also Read: Three Factors for Businesses to Consider While Assessing Zero-Trust Security Frameworks

The company captured user data into production deployments from organizations in the technology, financial, and healthcare industries to reveal how businesses create, use, as well as manage data.

It is no secret that data security concerns were on the rise even before the COVID-19 pandemic. With time, enterprise data is swelling and becoming hard to manage than ever before. A simple fact is more cloud-based storage and productivity apps store data now than it did a few years back.

More than 110 million unstructured data files were scanned to understand the scenario. Several business-critical and sensitive documents have been overshared through increased link sharing, internal permission misconfigurations, inappropriate external sharing, and incomplete or incorrect document classifications.

The oversharing process increases an enterprise’s risk of losing data – primarily by violating compliance or data privacy mandates and facing cybercrime. According to the statistics, an average of 439,000 company files is at-risk due to oversharing.

This indicates the availability of almost 210 at-risk files per employee (significantly up from 38 files per employee in Q1 2020). It is, therefore, a 452% spike year-over-year across industries. In fact, link-based risky sharing is also up from 56,000 to 65,000 documents per enterprise.

Shockingly, most of the data is unstructured – undoubtedly due to increased production data, reflecting actual user practices alongside real-world data risk exposures. This resulted in nearly 35% of unstructured data actually being business-critical.

It sums up to roughly 3.1 million files in an average enterprise. Of those business-critical files, almost 14% can be seen by internal or external users, particularly those who should not access them. Even 229,000 business-critical files are inappropriately accessible by others.

To illustrate, most of the unstructured data contained PII. Besides, these data are not even marked appropriately. Over 33% of files processed were found duplicated (15%) or near-duplicates (20%). Keeping multiple variant copies of sensitive information can bring regulatory risks and unnecessary storage costs.

Also Read: Security of IoT Devices for Efficient Business Transformation

Furthermore, 85% of at-risk files are being overshared with users or various groups in a company, while 15% of business-critical files are often overshared with external or third parties. With humungous organizational data being unstructured, they are embedded in corporate strategy documents, financial reports, source code files, and more.

Even a recent IDC study reveals that more than 80% of all enterprise data will become unstructured by 2025. This data type is not organized in a regular way – the files and documents that are created and handled by employees are often unstructured.

In this context, Karthik Krishnan, CEO at Concentric, explains -“As our quarterly Data Risk Reports continue to show, unstructured data is still largely unseen, unexplored and insecure, and too often overshared inside and outside organizations.”

For more such updates follow us on Google News ITsecuritywire News