IT Brief New Zealand logo
Technology news for New Zealand's largest enterprises
Story image

Oversharing of sensitive documents soars 450%

By Shannon Williams
Thu 24 Jun 2021

There was 450% increase in the oversharing of sensitive documents over past year, according to recently released research from Concentric.

The AI-based solutions vendor released its Q1 2021 quarterly Data Risk Report, which highlights a continued rise in oversharing of business-critical and sensitive documents. 

The report revealed the number of overshared files rose 450% compared to the same quarter in 2020, highlighting the significant impact of the pandemic and remote work on data security. 

Using its Semantic Intelligence solution, Concentric captured user data in production deployments from companies in the technology, financial, and healthcare sectors to reveal how organizations create, use, and manage data. 

The company scanned more than 110 million unstructured data files to discover business-critical and sensitive documents that are overshared via link sharing, inappropriate external sharing, internal permission misconfigurations, and incomplete/incorrect document classifications. 

Oversharing increases the risk an organisation will lose data, violate compliance or privacy mandates, or experience cybercrime. Statistics highlighted in this latest Data Risk Report reveal that organisations average 439,000 files at-risk due to oversharing. That translates to 210 at-risk files per employee (up significantly from 38 files per employee in Q1 2020, a 452%increase). 

Link-based risky sharing is up to 65,000 documents per enterprise, up from 56,000 in Q4 2020 (the company started tracking link sharing risks in Q3 2020). 

Concentric is the first company to identify and quantify risk in both structured and unstructured data using deep learning. Its solution autonomously provides an accurate and detailed semantic understanding of the millions of contracts, financial documents, payroll, M&A plans, product roadmaps and source code files used by organisations every day. 

Similar to previous Data Risk Reports, this new report analysed production data and reflects actual user practices and real-world data risk exposures. 

Additional findings include:

  • Nearly 35% of unstructured data is business-critical - that's 3.1 million files in an average organisation. Of those business-critical files, 14% can be seen by internal or external users who should not have access. 
  • 229,000 business-critical files were erroneously classified and inappropriately accessible by other employees. To illustrate, nearly 23% of all unstructured data contained PII and were not marked appropriately. 
  • More than 33% of files processed were duplicates (15%) or near-duplicates (20%). Maintaining multiple variant copies of sensitive information (often with insecure file permissions, prohibited locations, or improper file classifications) can create legal and regulatory risks, as well as significant unnecessary storage costs. 
  • Eighty five percent of at-risk files were overshared with users or groups within the company, while 15% of business-critical files were overshared with external third parties. 

"More than 80% of an organisation's data is unstructured, meaning it's embedded in the millions of financial reports, corporate strategy documents, source code files, and contracts created every year," says Karthik Krishnan, chief executive at Concentric.

"As our quarterly Data Risk Reports continue to show, unstructured data is still largely unseen, unexplored and insecure, and too often overshared inside and outside organisations," he says.

"This educational report for the industry demonstrates the power of Concentric's advanced deep-learning technology to solve the ongoing challenges of unstructured and structured data security - both in the cloud and on-premises. 

"Our Semantic Intelligence solution autonomously delivers the data risk insights enterprises need to help employees work productively - remotely or in the office - without sacrificing security." 

Concentric's Risk Distance analysis evaluates business criticality based on contextualised content, file ownership, document meta-data, presence of personally identifiable information (PII), and peer file comparisons. 

Business criticality is vital to security assessment and understanding which files must not be overshared. Product files accounted for the leading share of business-critical documents (44%) analysed for this report, followed by financial files (27%), legal files (13%), and partner documents (10%). 

Related stories
Top stories
Story image
Digital Transformation
SAP partners with New Zealand Rugby for digital transformation
The multi-year partnership will see SAP advance NZR with its organisational operations, team performance, fan experience and sustainability goals.
Story image
Microsoft
Microsoft NZ and TupuToa to boost diversity in cybersecurity sector
Microsoft NZ has teamed up with TupuToa to co-develop a cyber security employment programme specifically aimed at creating more diversity in Aotearoa's cybersecurity sector.
Story image
Customer experience
The importance of service level management to customer experience
Staffing shortages have impacted site reliability engineers in particular since they are under extreme pressure to ensure that digital assets perform at optimum levels 24/7.
Story image
DevOps
Deloitte expands cloud observability practice with Dynatrace
Deloitte is expanding its cloud observability practice, including DevOps principles, AI/ML, cloud complexity management and software engineering.
Story image
Identity and Access Management
The post-pandemic workforce requires secure IAM capabilities
HID Global discusses what identity and access management means for organisations in today's convoluted digital world.
Story image
Cybersecurity
What every CISO must answer to enable a best-in-class security operations program
It has been widely reported recently that South Australian government employees have been the victims of a cyberattack.
Story image
Alteryx
Alteryx releases updates, empowers data insights for enterprise
Alteryx has released new advancements designed to aid enterprises with cloud analytics, democratise insights and ensure data governance.
Story image
Training
Infosec unveils role-guided cybersecurity training roadmaps
Infosec Skills Roles maps hands-on training and certifications to the 12 most in-demand cybersecurity roles to maximise training efficiency.
Story image
Data Center
Preventing downtime costs and damage with Distributed Infrastructure Management
Distributed Infrastructure Management (DIM) can often be a lifeline for many enterprises that work with highly critical ICT infrastructure and power sources.
Story image
Sustainability
SoftIron named global leader for efficient DC infrastructure solutions
SoftIron has been named a global leader for supplying energy-efficient data infrastructure solutions for core-to-edge data centers after an assessment by Earth Capital Ltd.
Story image
Sustainability
Aligned Data Centers increases sustainability-linked loan
Aligned Data Centers has increased its sustainability-linked loan from $375 million to $1.75 billion to speed up the next phase of its strategic growth.
Story image
TUANZ
TUANZ to address rural connectivity at 2022 symposium
TUANZ is hosting the Rural Connectivity Symposium for the first time in person since 2019, providing a forum to discuss the state of rural connectivity.
Story image
Symbio
Symbio consolidates TNZI business to support APAC expansion
Symbio has recently announced the consolidation of its international business (TNZI) under the Symbio brand to support its Asia Pacific expansion strategy.
Story image
Rackspace
Skills shortages hold orgs back from capitalising on cloud 2.0
Organisations are becoming more comfortable with sophisticated 'cloud 2.0' technologies, even as they confront difficulties in hiring and retaining IT talent.
Story image
Kubernetes
Sysdig unveils new Kubernetes troubleshooting and cloud innovations
Sysdig has introduced two new innovations that look to help bolster cloud services and simplify Kubernetes troubleshooting.
Story image
Cybersecurity
Accenture - a collective security approach a driving factor for cyber resilience
With the approaching Davos World Economic Forum upon us, it is even more imperative to discuss the impact of cybersecurity on business operations leading into the future.
Story image
Chorus
Chorus and Nokia launches first trial of 25G PON broadband
Chorus and Nokia have announced the successful demonstration of 25 gigabit per second fibre (Gbps) broadband technology at the Chorus Fibre Lab in Auckland. 
Story image
BYOD / Bring Your Own Device
How zero trust can lead the battle against ransomware
SecOps teams champion a zero trust strategy to support the fight against the escalating risk of cybercrime and help monitor threat actors across a network.
Story image
NVIDIA
NVIDIA announces a spate of new innovations at Computex 2022
NVIDIA has announced its latest innovations in data center, robotics, content creation, and gaming in a virtual keynote address on the opening day of Computex 2022 in Taipei.
Story image
Multi Cloud
Red Hat updates dev tools, empowers use of hybrid and multicloud
Red Hat has unveiled updates across its portfolio of developer tools, designed to help organisations build and deliver applications faster.
Story image
Managed service provider
Barracuda MSP Day 2022 highlights MSP opportunities
Barracuda Networks has released a report showing global services-related MSP revenue is set to increase by more than a third in 2022 compared to 2021.
Story image
Sift
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Digital Signage
MAXHUB's Digital Signage range to bolster boardroom productivity
The new MAXHUB Digital Signage technology is purpose-built to make every kind of team meeting more effective.
Darktrace
Threat actors are exploiting weaknesses in interconnected IT/OT ecosystems. Darktrace illuminates your entire business and takes targeted action to stop emerging attacks.
Link image
Story image
Ransomware
CERT NZ releases first Cyber Security Insights for 2022
CERT NZ has released Quarter One: Cyber Security Insights 2022, which offers an overview of reports about cybersecurity incidents affecting New Zealanders.
Story image
APAC
Top data and tech challenges for APAC banks - report
InterSystems’ new report finds that 87% of A/NZ banks experience frustrations and concerns in using their data to drive decision-making.
Story image
Infosys
Consumer relationships with digital services continues to change
Two years of pandemic-induced reliance on technology for work has altered our relationship with digital apps and services, new research has found.
Story image
Malware
Fortinet introduces self-learning AI in latest offering
Fortinet is introducing self-learning AI capabilities in its new network detection and response offering, FortiNDR.
Story image
Hybrid Cloud
Barracuda expands cloud-native SASE platform
"The expansion of Barracuda's cloud-native SASE platform for hybrid deployment models and IIoT environments solves a number of challenges."
Story image
Red Sift
Entrust expands strategic partnership with Red Sift
Entrust has expanded its strategic partnership with Red Sift to make it easier for businesses to adopt Brand Indicators for Message Identification (BIMI) standards for email identification and security.
Story image
Microsoft
Microsoft NZ announces initiative for local SaaS businesses
Microsoft has announced a new initiative, bringing together all of its tools to help local SaaS businesses build, sell and grow their companies at scale.
Story image
Silver Peak
The path to an adaptive, modern network
Managing and securing the network looks different than it did just two years ago—especially given that most of these networks are made up of multi-generations of infrastructure stitched together over time.
Story image
Digital Transformation
Digital transformation increasing business complexities
A new survey suggests businesses must re-examine their digital transformation approach to better help employees adapt to change.
Story image
Microsoft
Microsoft, Cloudian partnership offers data center flexibility
Cloudian’s HyperStore object storage platform is now integrated and validated to work with Microsoft SQ Server 2022, offering more flexible and scalable data centers.
Story image
Ponemon Institute
Email revealed to be riskiest channel for data loss
More than half (60%) of organisations experienced data loss or exfiltration caused by an employee mistake on email in the last 12 months.
Story image
Microsoft
Microsoft previews Power Platform website design offering
Microsoft has announced the preview of Power Pages, the fifth product in its Power Platform family, designed for low-code makers and professional developers.
Story image
Check Point
Check Point and CCTV expert join forces to boost protection
The partnership will involve Check Point Quantum IoT Protect Nano Agent being embedded in Provision-ISR’s CCTV cameras for on-device runtime protection.
Story image
Cybercrime
The ups and downs and runarounds of catching cybercriminals in NZ
We're becoming more and more aware of cybercrimes but how many criminals actually get caught? The New Zealand police explain why the answer is complicated.
Story image
Cyber attacks
Devastating cyber attacks expected to hit energy sector
Energy executives anticipate life, property, and environment-compromising cyber attacks on the sector within the next two years.
Story image
Contact Centre
Leveraging technology in contact centres to reduce attrition rates
Many organisations worldwide have accelerated DX to better respond to changing market drivers and business environments after the disruption of the pandemic.
Story image
DaaS
NetApp launches Spot PC, a new Desktop-as-a-Service solution
This is a new managed cloud DaaS solution with security, automation, observability and optimisation capabilities, designed for the needs of today.
Story image
MEC
MEC spending for private cellular networks to reach $5.8b
A new ABI Research report finds the revenue for Multi Access Edge Compute (MEC) deployments for private cellular networks will reach USD$5.8 billion by 2030.
Story image
Informatica
Informatica, Oracle enter strategic global cloud partnership
Oracle named Informatica as a preferred partner for enterprise cloud data integration and data governance for data warehouse and lakehouse solutions on OCI. 
Exabeam
Find out how a behavioural analytics-driven approach can transform security operations with the new Exabeam commissioned Forrester study.
Link image