Other than scaring organizations with massive potential fines for data protection snafu’s, the European Union’s General Data Protection Regulation (GDPR) has not sufficiently impacted organizations (yet), even though the law has been in effect for almost a year now. New research by Varonis shows that companies are still falling short when it comes to protecting user data.
In fact, the report found that a majority of firms expose over 1,000 sensitive files to every single employee, with the average company providing everyone on the payroll with access to 22% of all folders, while 51% of organizations had over 100,000 folders open to every staff member. The report notes that such “[g]lobally accessible data puts organizations at risk from insiders, malware and ransomware attacks: it takes just one click on a phishing email to set off a chain reaction that encrypts or destroys all accessible files.”
Read more: Half of companies have 1,000+ sensitive files accessible to every employee