Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :

Varonis

More than half of companies have over 1,000 exposed sensitive files

960 640 Guest Post

By Matt Lock (pictured), Director of Sales Engineers UK, Varonis

All an attacker needs to steal your valuable data is access.

Unfortunately, many companies unknowingly give attackers access to their critical data. Personal identifying information on employees and customers, intellectual property, and more can easily make their way from secured systems to unprotected files and emails. 

To make matters worse, companies don’t have time to update global access groups, fail to archive old data, and skip monitoring who has access to what information. Once attackers slip through the cracks, they — and corrupt insiders alike — have the access they need to steal your data.

To shed light on the state of overexposed data, we analysed a random sample of 785 Data Risk Assessments, including more than 54 billion files. The results, available in the report Data Gets Personal: 2019 Global Data Risk Report from the Varonis Data Lab reveal that companies are failing to shore up their sensitive data. 

Some key findings from the report include:

  • Every employee, on average, can access 17 million files.
  • More than half (53%)of companies had at least 1,000 sensitive files open to all employees. 
  • Over one in five (22%) of all folders were accessible, on average, to every employee. 
  • 38% of users had passwords that never expire, up from 10% last year. 
  • Six in 10 companies had over 1,000 enabled, but stale, “ghost” users — accounts belonging to former employees that can still access your network.
  • Financial services firms had the most exposed sensitive files, with an average of 3,791 exposed, sensitive files per TB.
  • Retail organisations had the lowest number of exposed sensitive files, with an average of 858 exposed, sensitive files per TB.

Despitedire warnings of heavy fines under the GDPR and the steady stream of breaches and attacks in the news, companies are not prioritising their data. Take action with a data-centric security approach to ensure you are not giving malicious insiders and external attackers an all-access pass to your data. 

GUEST BLOG: 60 must-know cybersecurity statistics for 2018

960 640 Stuart O'Brien

By Varonis

Cybersecurity issues are becoming a day-to-day struggle for businesses. Trends show a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices.

Additionally, recent research suggests that most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data lass.

We’ve compiled 60 cybersecurity statistics to give you a better idea of the current state of overall security, and paint a picture of how potentially dire leaving your company unsecure can be.

Click here to read the full article.

GUEST BLOG: The anatomy of a phishing email

960 640 Stuart O'Brien

By Varonis

Phishing scams are one of the most common ways hackers gain access to sensitive or confidential information.

In fact, according to the Verizon’s 2018 Data Breach Investigations Report, phishing is involved in 70 percent of breaches that feature a social engineering component.

What is Phishing?

At the most basic level, a phishing scam involves sending fraudulent emails that appear to be from a reputable company, with the goal of deceiving recipients into either clicking on a malicious link or downloading an infected attachment, usually to steal financial or confidential information.

If your employees don’t know the signs of a phishing email, your company is at risk. According to Verizon, the average time it took for the first victim of a large-scale phishing campaign to click on a malicious email was 16 minutes; however, it took twice as long — 33 minutes — for a user to report the phishing campaign to IT.

Given that 49 percent of malware is installed via email, these 17 minutes could spell disaster for your company…

Click here to continue reading.

INFOGRAPHIC: Is your biggest security threat already inside your organization?

960 640 Stuart O'Brien

The person in the cubicle next to you could be your company’s biggest security threat.

The large-scale attacks we’re accustomed to seeing in the news — Yahoo, Equifax, WannaCry ransomware — are massive data breaches caused by cyber criminals, state-sponsored entities or hacktivists. They dominate the news cycle with splashy headlines that tell an all-too recognizable story: one of name-brand corporations vs. anonymous cyber villains.

We focus in outsider threats because they’re both terrifying and thrilling, and because they’re familiar. They often have a clear-cut storyline, one that we’ve seen before. But the hyper-focus on cyberattacks caused by outside parties can lead organizations to ignore a major cybersecurity threat: insiders already in the organization.

We’ve seen these threats before too: attacks of dramatic espionage from Snowden, Reality Winner and Gregory Chung — but insider threats aren’t always so obvious, and they pose a risk for organizations that don’t operate in the national security space. In fact, research suggests that insider threats account for anywhere from 60 to 75 percent of data breaches.

They’re dangerous for a number of reasons, including because of how much they vary: from rogue employees bent on personal gain or professional revenge to careless staffers without proper cybersecurity training, insider threats can come from almost anyone, making them a prime concern for businesses. Check out our full infographic to learn more about the motives and methods behind these types of threats.

To view the Infographic, click here.

NEW REPORT: 58% of organizations have more than 100,000 folders open to all employees

960 640 Stuart O'Brien

By Varonis

Like a wardrobe malfunction during a live broadcast, no one wants to be overexposed – especially when it comes to your data.

The surprising truth: most companies go about their business blithely unaware that some of their most sensitive data is wide open. And by “some” we mean a lot. In fact, our latest research shows that 41% of organizations had at least 1,000 sensitive files open to all employees.

As we know, it only takes one leaked file to cause a headline-making data breach. We’ve seen how one unpatched server can lead to a disaster; a single “unpatched” folder filled with sensitive files can be just as disastrous — and it doesn’t take an expert or sophisticated code to exploit it.

That’s where Varonis Data Risk Assessments come in. Every year, Varonis conducts thousands of risk assessments for companies around the globe. Using the Varonis Data Security Platform (DSP), we identify where sensitive and regulated data resides, show what’s overexposed and vulnerable, and provide actionable recommendations to increase your data security posture.

Think of a Data Risk Assessment as a reality check on your data – that friend who tells you you’ve got a button undone. And they’re free (but more on that later).

Click here to continue reading…

GUEST BLOG: Social Media Security – How safe is your information?

960 640 Stuart O'Brien

By Varonis

In 2012 a massive cyber attack by a hacker named “Peace” exploited over 117 million LinkedIn users’ passwords. After the dust settled from the initial attack, new protocols were put in place and the breach was all but forgotten in the public eye, the same hacker reared their head again. Nearly five years later, “Peace” began releasing the stolen password information of the same LinkedIn users from the earlier hack.

With millions of users’ data (or billions, in the case of Facebook) floating around the web, the need for tight security from social media platforms is obvious. Facebook alone has reported receiving more than 600,000 security hack attempts each day. (Although that is nothing compared to the NSA’s 300 million attempted hacks each day!)

The wide age range and technology experience level of social media users makes security management even more complex. A social platform needs to not only combat hackers, but also has to protect users whose personal security practices might be elementary. Only 18 percent of Americans report changing their social media password regularly.

So with the constant threats of hacks coming in — from both foreign and domestic hackers — what exactly are these platforms doing to keep our information safe?

Click here to continue reading.

GUEST BLOG: Do Americans Ever Change Their Passwords?

960 640 Stuart O'Brien

By Varonis

Just how cautious are Americans when it comes to cybersecurity?

In today’s hyper-connected, highly-digitized society, data breaches are becoming increasingly commonplace. And they affect both corporations and individuals. In 2017 alone, the Equifax breach — considered by some to be the worst security breach in recent history — put 145.5 million Americans at risk of exposed information and identity theft.

Additionally, a Gmail phishing attack last year put 1 million users at risk of exposed information, and an Instagram hack revealed the contact information of 6 million users. Yahoo also revealed that a 2013 data breach affected the private information associated with all of their users — 3 billion in total.

According to the Pew Research Center, 64 percent of Americans have experienced some type of data breach in their lifetime. Despite this, the center found that the majority of Americans fail to follow cybersecurity best practices in their own digital lives.

In an effort to uncover more on password security habits (and associated feelings of cybersecurity), we put these numbers to the test.

Read on to discover what we found after surveying 1,000 Americans.

Varonis Data Apocalypse

8 tips to surviving the data security apocalypse

960 640 Stuart O'Brien

By Varonis

These days, working in data security can feel like surviving a zombie apocalypse – mindless hordes of bots and keyloggers are endlessly attempting to find something to consume. Just like in “The Walking Dead,” these zombies are an ancillary threat to other humans. The bots and keyloggers are pretty easy to defeat: it’s the human hackers that are the real threat.

How prepared are you to deal with the real threats out there?

Get Global Access Groups Under Control

Are you still using global access groups? That’s the dystopian equivalent of leaving your walls unmanned!  Giving the default “everyone” group access to anything is a hacker’s dream scenario.  They get a free pass to move from share to share, looking for anything and everything, and you’ll never know they were there.

Removing all permissions from the default global access groups is an easy way to improve data security. Varonis DatAdvantage highlights folders with Global Access Groups so that you can see who’s got access to what at-a-glance – and then you can use the Automation Engine to quickly remove those global permissions from your shares.  All you need to do is set the Automation Engine to remove Global Access Groups and it will move users out of those generic groups and into a new group that you can then modify.  The important thing is to stop using Global Access Groups, and keep your walls manned at all times!

Identify (and Lock Down) Your Sensitive Data

Effective survivors hide their resources and food stores from the prying eyes of outsiders. The most organized groups stash backup caches and keep records of their stores. Do you do the same with your PII and intellectual property data?  Can you, right now, tell me where every social security number or credit card string is stored on your file shares? If you can’t, then who knows what kind of treasures potential thieves will find as they poke around?

Knowing where your sensitive data is stored is vital to surviving the data security apocalypse – our Data Classification Framework quickly and easily identifies PII and intellectual property data in your unstructured files, so you know where your sensitive data is – and where you can lock it down.

Track Your Dangerous Data

Imagine that the guard on the North wall got eaten – and now the map with the weapons caches for the entire region is MIA.  Can another group of survivors find that map and steal your stuff? You might be leaving the same breadcrumbs on your network by leaving behind old files that have valuable information a hacker could use for profit.

Identifying and deleting or archiving this data is just as important as moving that cache of weapons to the safety of your base camp. DatAdvantage can report on stale data and give you visibility into what might be leaving you vulnerable to hackers. Managing stale data is an excellent strategy to limit exposure, and keeps you one step ahead.

Practice Good Password and Account Policy

Say you use a certain whistle to communicate with your group – and you’ve used that same whistle for the past 8 months. What are the chances that a rival group will ambush you by using that whistle?

It’s the same if you have passwords that never change, or accounts that are no longer active, which should have been removed or deactivated.  Hackers can use those accounts to try to access resources over and over again without setting off any alarms.

It’s always best to change the “whistle,” or password, on a consistent basis – and have a policy in place to revoke access privileges when people leave the group. Perhaps something less drastic than chopping their head off before they go full zombie.  With DatAdvantage, you can report on these kinds of accounts in your Active Directory so that you can take action and remove this threat without using an axe.

Fix Inconsistent Permissions

Once you have redundancies and processes to keep everything running smoothly, what happens when that one guy in your survivor group just can’t follow simple instructions?  What if they’re an important part of the plan, but can never quite complete their part?  You might say that part of the plan is broken, like when you have a share that is set to inherit permissions from the parent – but for some reason isn’t. In data security terms, you have inconsistent permissions, which can cause confusion as to exactly how the permissions on these folders are set.

Fixing all of these broken links in the fence will help keep the outsiders from getting into your data stores. You can automate the process of repairing inconsistent permissions with the Automation Engine – so that you’re maintaining a least privilege model and only the right people can access that data. Or get through that fence.

Identify Data Owners

If your survival group is going to be a self-sustaining society, you’ll need leaders to support your growth.  You wouldn’t want the horticulturist in charge of weapons, and you probably wouldn’t want the weapons master in charge of your vegetables.  The same holds true for your data and the data owners.

You need to be able to identify the owners of your data so that you know who’s responsible for managing permissions and access to those shares. When there’s one person in the Legal department who can grant access to the legal shares, you’re in a much better situation than if the IT department handles that for every department.

The first step is to identify data owners – and DatAdvantage provides reports and statistics to help you do just that. You can automate the process with DataPrivilege, and enable those data owners to approve and revoke permissions from their shares and audit permissions on their shares on a regular basis. Now that the data owners are in charge of who gets access to their data, things are starting to make a lot more sense – not to mention run much more smoothly.

Monitor File Activity and User Behavior

As your society of survivors grows into a full-fledged community, you want to make sure that everyone is contributing and utilizing the resources of the community correctly.  So you put in some monitoring systems.  Assign chain of commands and reporting structures and even make some rules.

And so, you need to do the same thing by monitoring your file and email servers. DatAdvantage gives you visibility on the file and email servers – even user behavior – which is paramount to data security: outsiders can sometimes get in, and once they get in they might look like they belong.  But when they start stealing extra bread or copying gigs of data to an external drive, we need to know.

Set Up Alerts and Defend Your Data

Alerts can warn you about a herd tripping a bell on the perimeter or that Jeff from marketing has started encrypting the file server with ransomware.  The faster and more that you know about potential threats, the better you can respond.  Conversely, the longer the outsiders have to do bad things, the worse it will be for us every time.

You can set those tripwires to automatically respond to specific types of threats with DatAlert, so that your security team can lessen the impact and get straight to the investigation phase. DatAlert establishes behavioral baselines for every user – so that you know when somebody’s acting out of the ordinary, or if their account has been hijacked. With DatAlert, you can monitor your sensitive data for unusual activity and flag suspicious user behavior so that you know when you’re under attack.

Want to check your own preparedness level for the data security apocalypse? Get a risk assessment to see how you measure up.  We’ll  check your environment for all of these potential threats and provide a plan of action to get you up to true survivor status.