The 2021 Egnyte Data Governance Trends Report is based on survey data from 400 C-level IT leaders, highlighting the latest challenges in securing and governing the single largest source of enterprise data risk: content.
In 2020, IT leaders reported that the shift to remote work had accelerated content sprawl and created new levels of data risk. In 2021, IT leaders report that hybrid work will continue for the foreseeable future, worsening content sprawl and raising new concerns about the security of sensitive data inside files.
Key findings show ransomware surfacing as the top data security concern for large companies, and differing opinions on how AI can be used to solve the most pressing challenges for security and compliance.
In 2020, 70% of C-Suite IT executives predicted content sprawl would worsen. Today, the average organization deploys 14 file repositories, and 20% of CIOs report having more than 20 file services in use.
How many file storage solutions does your organization use?
(Select from a scale of 0 to 20+)
1-10 File Storage Services
Average Number of File Storage Repositories in Use
(Responded by IT Leaders)
1 File Storage Service
2 File Storage Services
3-4 File Storage Services
5-9 File Storage Services
10-20 File Storage Services
20+ File Storage Services
Content sprawl is a bigger problem than meets the eye.
When people hear "file storage," an image of a cloud repository or on-prem file server comes to mind. But the reality is that files are transmitted, and often stored, inside many other kinds of apps and across devices. These "informal repositories" create a hidden source of risk due to the difficulty of finding and securing sensitive information lurking inside stored files.
Informal Repositories: Top Locations That Files are Stored and Shared
Collaboration Portals(SharePoint, Basecamp, etc.)
Messaging Services(Slack, Teams, etc.)
Local Storage Devices(USBs, hard drives, etc.)
Business Productivity Apps(Google Workspace, Docusign, etc.)
Personal Devices(computers, smartphones, etc.)
Unauthorized Cloud Storage
The wide use of multiple repositories is likely to continue in the short-term, as 88% expect at least some employees to work remotely at least until 2022.
In 2020, 40% said their top concern with content sprawl was the increased risk of breaches and leaks—and, even with a year to improve, not much has changed.
Top Concerns About Content Sprawl
Increased risks of data breach and leaks
More difficult to retain, delete, or archive data
Challenges of maintaining multiple systems
Cost of maintaining different systems
Managing permissions effectively
Inhibits file analytics and business intelligence
Lack of company control and visibility over company files
Version control issues
CIOs have good reason to be concerned. They estimate an average of 49% of their company files —nearly half— contain sensitive information, such as PII or credit card numbers.
65% of C-level tech execs suspect that files and documents with sensitive information are saved locally to the personal devices of employees.
of company files contain sensitive information
Which Data Source is Most Difficult to Secure?
Cloud File Storage
Personal Devices (computers, smartphones, etc.)
On-premises file storage
Company devices (computers, smartphones, etc.)
More than a third (35%) of tech executives say email is the most difficult data source to secure, yet 77% report employees sharing files via email.
Content sprawl has wide-ranging implications for organizational priorities around data security, privacy, and compliance. 30% of CIOs cite securing customer data as their top priority -- an effort that can be severely hampered when that data is spread across such a wide attack surface.
What Does Company Leadership Believe is the Top Priority?
Select a slice to dig deeper
A quarter of C-Suite IT leaders say protecting against ransomware is their company’s top priority. Companies with annual revenue over $100 million were more likely to rank ransomware as their top concern (37%) than companies with less than $100 million (21%).
Which Consequence of Ransomware is a Bigger Concern For Your Company?
0Your company’s data being improperly accessed and made public
0Your files getting encrypted, making them inaccessible and disrupting business operations
44% of IT leaders at smaller companies (100 - 1,000 employees) say they are completely or mostly prepared for a ransomware attack, versus 69% of companies at larger enterprises (1,000+ employees).
CIO Wish List
Unsurprisingly, 80% of CIOs are likely to invest in new cloud security solutions, including cloud access security broker (CASB) and data loss prevention (DLP) software, in the next 12 months.
While most organizations have already invested in some tools, barriers remain to investment, including cost (34%). But another 31% say they just don't have the time to research what’s available and 28% say they don't have the right talent in-house to administer the software if they purchase it.
Biggest Barriers to Investing in New Cloud Security Tools
SMB 100-1000 Employees
Large Company 1000+ Employees
Haven’t Had the Time to Research
Don’t Have the Right People to Administer Them
Too Complex for Our Business
I Personally Don’t Have the Expertise to Administer Them
I’m Not Sure What They Do What They Do
Don’t Need Them
The focus on security and protecting sensitive data has prompted C-level tech executives to bulk up a new front in the battle for security. The most commonly cited application of AI that companies are currently using or plan to invest in the next 12 months is to identify and protect sensitive data in files (47%). Another 42% are using AI to assess risk and threats, and 40% are using it to monitor for malicious behavior.
AI Solutions Your Business Uses Or Plans to Purchase in The Next Year
Identifying and Protecting Sensitive Data in Files
Assessing Risks and Threats
Challenges of Maintaining Multiple Systems
Searching and Collating Existing Databases for Information
Monitoring for Malicious Behavior
Uncovering Insights Through Business Intelligence
File Management and Organization
Monitoring Bandwidth and Identifying the Best Teams
However, while C-level executives have grand plans for using AI to combat digital threats, there may be another battle brewing within. 70% say that while their company leaders have talked up using AI, they aren't ready to fully commit to it.
As the survey data shows, content sprawl has been exacerbated by distributed workforces and the proliferation of file sharing and storage apps. Businesses of all stripes are struggling to keep tabs on their data, even though they’re acutely aware of the stakes.
IT leaders have zeroed in on ransomware and the potential fallout from these attacks as top priorities. They already have, or plan to invest in security tools to address these challenges and they see AI as a potential solution to a range of IT needs.