So says Varonis
Although many businesses move their data annually, many are worried about the risks of this process, research has found.
In a survey of IT executives, by Varonis Systems, 95 percent said they moved data at least once per year.
However, 65 percent of these admitted they were not confident sensitive data was protected during a migration. Of these 96 percent reported concerns when performing data migrations, with many leaving their data overexposed and vulnerable.
Respondents listed the most challenging and time consuming aspects of performing data migrations as maintaining availability (68 percent) while 67 percent said identifying and cleaning up old, unused or redundant objects was a key concern. Keeping data safe by ensuring correct access permissions was a problem for 59 percent of those asked.
Despite these security concerns, a worrying 65 percent admitted that they were not very confident that sensitive data was only accessible to the right people during a migration. In fact, 79 percent admitted that they could not guarantee that their folders and SharePoint drives were safe from global access groups, with one third of these admitting that unprotected folders were rampant or unidentifiable.
The company said that this was “particularly worrying” as nearly a third of migrations and consolidations are due to mergers and acquisitions, often leaving unprotected folders open to thousands more people after a migration.
David Gibson, VP of Strategy said: “The survey underscores that maintaining who has access to what is an ongoing problem for organisations. The scale of the problem that organizations face when moving terabytes of data may be surprising, as a typical terabyte contains about 50,000 folders, and of those folders about five percent, or 2500 folders, have unique permissions.
“An average access control list (ACLs) contains three to five security groups, and a typical group contains anywhere from five-50 users, as well as other groups that contain even more users and groups. Let’s say each access control list represents five minutes of work to re-create—that’s over 200 hours of work per terabyte of data moved.”
When respondents were asked which features they would like in a technology to help automate migration activities, their responses aligned with their challenges and concerns. Most hoped for a service that could provide easy selection criteria for choosing what data to be moved, automate incremental copies and automate permissions optimisation.