Companies are moving their data and workflow over to the cloud with increasing fervor, according to new research from CloudLock.

The company’s “Cloud Cybersecurity Report: The Extended Perimeter” analyzed more than 750 million files, 77,500 apps and six million cloud users to find that, on average, every organization has 4,000 instances of exposed credentials.

The credentials were accessible across the entire company, externally, and in some cases, publicly. Furthermore, an average organization has 100,000 files containing sensitive information stored on public cloud applications.