The question is, what is business doing with all of this data – 90% of which is unstructured – and how is it being managed? One thing is certain, it cannot and is not just stored on a server and left. Mergers and acquisitions, migrations to new servers or NAS, moves to new domains all mean that that this data is frequently on the move. Varonis wanted to understand more, and questioned more than 200 organizations on the handling of data on the move.
The results show that more than 95% of all companies move data around at least once per year. Forty-four percent do so five times per year. This isn’t just the odd file here or there: two-thirds of the respondents reported that it was usually at least one terabyte. But one concern is that all of this practice hasn’t evolved into a well-oiled process. The Varonis study also shows that 96% of the respondents reported concerns when performing these data migrations.
Those concerns usually include security. “From a security perspective,” says the report, “only 35% of those surveyed reported that they were very confident that sensitive data would only be accessible to the right people during a migration.” Since the basis of information security is controlling access to data – allowing only authorized access and preventing unauthorized access – one could expect that managing permissions during a migration would be an absolute priority.
The Varonis study suggests otherwise. Only 35% of organizations appear very confident that their data is available to the correct people during a move. So, is maintaining permissions an issue? Only 20% said it is not, even though the majority of companies retain their existing permissions through a move.
The Varonis study quantifies the problem, as described by David Gibson, VP of strategy: “The survey underscores that maintaining who has access to what is an ongoing problem for organizations. The scale of the problem that organizations face when moving terabytes of data may be surprising, as a typical terabyte contains about 50,000 folders, and of those folders about 5%, or 2500 folders, have unique permissions. An average access control list (ACL) contains 3–5 security groups, and a typical group contains anywhere from 5–50 users, as well as other groups that contain even more users and groups. Let’s say each access control list represents 5 minutes of work to re-create – that’s over 200 hours of work per terabyte of data moved.”
The solution, says Varonis, can only be automation in migration.