Ghost Users Haunt Healthcare FirmsGhost Users Haunt Healthcare Firms
Data security hygiene severely lacking among healthcare firms, new research shows.
March 30, 2021
More than three-quarters (77%) of healthcare companies have 500 or more accounts with passwords that never expire, while 79% have more than 1,000 ghost users — user and service accounts that are inactive but still enabled, according to new Varonis research.
The data security report, which analyzed 3 billion files across 58 hospitals, pharmaceutical firms, and biotechnology companies, also found nearly 20% of all files are accessible to every employee.
The average healthcare organization has 31,000 sensitive files — including those that include HIPAA-protected information, financial data, and proprietary research — open to everyone, according to a summary of the findings.
The full findings can be found here.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023