Unstructured data management provider positions itself at the forefront of AI readiness with automated permission remediation capabilities
AI is transforming business operations and enterprise organizations face a big challenge that threatens both security and AI initiatives. That problem is permission sprawl, which is the uncontrolled proliferation of file access rights across data landscapes. Employees and even third-party users accumulate excessive permissions over time and retain access to files they don’t need.
This creates security vulnerabilities that can lead to ransomware attacks, data exfiltration campaigns, and other cyber threats. Without proper access governance, organizations leave the door wide open to exploit excessive permissions for lateral movement and data theft.
Panzura has responded with a solution, introducing automated Access Control List (ACL) analysis and remediation capabilities to its Symphony data services platform. The company says it’s a “first-of-its-kind” offering that directly addresses what has become a trillion-dollar technological crisis.
A recent report says 80% of enterprises have experienced some sort of incident involving unauthorized data access. Meanwhile, enterprises have seen a 40% increase in SaaS adoption over the past two years, with medium-sized companies leading the charge at 47%, creating an explosion of access points that traditional security measures struggle to govern.
Permission sprawl has reached what experts describe as critical proportions. While a “least permissive” approach is widely regarded as best practice, according to research, 58% of enterprises are affected by permission sprawl, with organizations averaging 802,000 data files at risk due to oversharing.
Perhaps most alarming, 91% of employees still retain access to company files after offboarding, creating a ticking time bomb for data breaches and providing ready-made attack vectors for ransomware operators who target these dormant but privileged accounts.
“Manual permission audits are a nightmare – teams are constantly chasing inheritance chains, investigating anomalies, and trying to resolve violations. Automated ACL remediation is the difference between damage control and strategic access governance, a capability often promised but never delivered with such precision,” said Sundar Kanthadai, Chief Technology Officer at Panzura.
Kanthadai says the stakes have been raised by AI adoption. While files buried deep within directory structures may be challenging for users to locate manually, large language models (LLMs) can quickly surface sensitive data to users with inappropriate permissions. AI-enabled organizations operate in highly dynamic, distributed and regulation-sensitive data environments, where traditional governance models built around static policies and periodic audits prove ineffective.
“We’ve gone from structured, auditable workflows to a black-box decision loop. It’s a hidden governance contagion,” Kanthadai explained. He says the paucity of data provenance in AI-powered environments means organizations can no longer trace how data originated, was transformed, or who accessed it under what policy.
Data Access Governance Landscape
Panzura Symphony now enters a competitive landscape where data governance solutions from Microsoft, Informatica, Collibra, and others vie for enterprise attention. However, the company’s vendor-neutral approach and focus on automated ACL remediation set it apart from vendors like Hammerspace who have focused on high-performance file services for AI.
Panzura says the new capabilities in the Symphony platform fill a gap. Data sprawl can lead to inefficiencies and increased costs, as redundant storage and the need for additional management resources can drive up expenses. Symphony’s ability to work across heterogeneous environments – supporting everything from NetApp FlexGroup Volumes to IBM Storage Deep Archive, as well as Panzura’s flagship hybrid cloud file services platform CloudFS – provides unified data orchestration capabilities without requiring wholesale infrastructure changes.
“Think of it as the two pillars of the company,” Kanthadai explained regarding Symphony’s relationship to Panzura CloudFS. “Symphony will continue to evolve but will always be vendor-neutral meaning it works with any file system or platform, including CloudFS.”
Symphony’s integration capabilities extend beyond traditional storage systems and offer comprehensive REST API support, JDBC database connectivity, and webhooks for DevOps workflows.
Technology leaders are now recognizing the connection between data governance and AI accuracy and reliability, making Panzura’s timing noteworthy. The Symphony platform’s metadata capabilities help IT teams understand their data, opening a window directly into it wherever it’s stored, without requiring full file inspection or changes in data structure. Symphony also helps teams take appropriate action, which directly supports what industry analysts identify as a requirement for AI initiatives — clean, well-governed data.
“Security through obscurity is no longer an option. The latest capabilities of Symphony take on the daily challenges of sysadmins in maintaining secure and compliant data storage and preparing data for AI workloads including agentic AI,” Kanthadai emphasized.
“Proper access governance is a first line of defense for data security and cyber resilience. Without it, you’re vulnerable to ransomware attacks and data exfiltration regardless of other security measures you have in place.”
As data volumes rise, so do problems around accuracy, consistency, and compliance. Effective file access governance ensures information is reliable, secure, and discoverable. This underpins the trust necessary to scale AI and analytics both internally and externally. Kanthadai said the Symphony platform can crawl enterprise file systems, tag data, report on the veracity of potential LLM data, and offer categorized data for specific enterprise functions.
Financial Impact and Compliance
The financial implications of permission sprawl cannot be overstated. The average cost per insider breach has reached $16.2 million, driven by permission failures that Panzura says Symphony directly addresses. This makes the business case for proactive governance solutions compelling.
Symphony’s Interactive ACL Analysis provides drill-down views of complex permission inheritance, human-readable reporting with adjustable detail levels, and change tracking from previous scans to spot potentially problematic activity. The new Repair ACLs Policy can automatically remediate anomalies, potentially saving hundreds of hours of manual intervention while minimizing human error.
With ongoing and evolving regulations, including data privacy and new AI-related requirements, automated data governance tools are becoming a must-have for avoiding fines and costly data incursions. According to Panzura, Symphony helps its customers remain audit-ready and compliant with regulations like GDPR, CCPA, SOX, and HIPAA through transparency and automated, policy-driven actions such as correctly setting permissions, tagging, and moving files to locations appropriate for compliance.
The platform’s metadata preservation during data movement and policy-based lifecycle management capabilities are designed for regulatory complexity. According to Kanthadai, unlike solutions that provide global namespace access without true access governance, Symphony orchestrates and optimizes file and object data while ensuring data quality, accessibility, and proper categorization along with audit logging.
Looking Forward to the AI Imperative
As enterprises move toward more sophisticated AI implementations, including agentic AI systems that can operate autonomously across multiple data sources and environments, the importance of data governance becomes even more important.
“In agentic AI systems, agents must be able to work outside the boundaries of proprietary IT environments and interact with many data sources, LLMs, and other components to deliver accurate and reliable outputs,” said Kanthadai.
Kanthadai says Symphony can be seen as an “AI precursor” that delivers insights and clears the way for governance, regulation, training, and evaluation, which positions Panzura at the forefront of this transformation. The ability to handle large-scale data orchestration, storage cost optimization, and AI workload placement supports the infrastructure requirements of analytics and AI implementations.
Symphony is now available to existing customers for both Enterprise and Insights editions through standard updates, and to new customers through direct sales and Panzura’s partner network. The company offers migration services and training programs, as well as “prep and production” pricing.
The convergence of expanding data volumes, increasing regulatory complexity, and AI adoption pressures creates a market opportunity for Panzura. Companies grapple with the reality that 80% of organizations looking to scale their business will fail without modern data governance. Solutions like Symphony may prove essential for navigating these challenges, especially as AI takes hold.
