New research by Absolute reveals endpoint security tools fail
One hundred percent of endpoint security tools eventually fail; complexity of device controls causes security gaps and significant risks.
Absolute (TSX: ABT), the leader in endpoint resilience, has revealed that endpoint security tools and agents fail, reliably and predictably. This revelation is based on findings from its new 2019 Global Endpoint Security Trends Report. From there, every additional security tool only amplifies complexity and increases the probability of failure and decay, and in turn, exposes the dangers of equating IT security spend with security and risk maturity. The study analysed data from six million devices and one billion change events over the course of a year.
IT and security professionals have a huge range of tools and technologies at their disposal to help combat data and device security risks. In fact, by 2020, the global spend on IT security is predicted to total a staggering $128 billion. Despite this, every week it seems there is news of another high-profile data breach.
A new primary research study by Absolute has uncovered an explanation for this: much of IT security spending is done in vain, partly because of missing or broken endpoint security agents or disabled controls.
The study found that the fragility of endpoint security tools causes the efficacy of these tools to diminish significantly over time, unless those tools are deliberately controlled to improve their resilience.
Endpoint security is more vulnerable than you think
Our security research team gathered data from over one billion change events on more than six million devices. They monitored the data over a one-year period to see how security solutions performed, or failed to perform, during that time frame. The sample included data from 12 000 anonymised organisations across North America and Europe.
* One billion change events
* Six million devices
* 12 000 organisations (anonymised)
* One-year benchmark study
The findings were eye-opening. While it's reasonable to expect the fundamental endpoint security solutions we invest in, such as encryption and antivirus/anti-malware (AV/AM), to keep our devices secure, the harsh reality is this: Endpoint security solutions fail reliably and predictably. The false sense of security they provide is probably enterprises' biggest risk.
Security tools fail: Endpoint security is flawed
We expect encryption to protect our data, AV/AM to protect us from cyber threats, and client management tools (CMT) to ensure that our applications are patched and safe from publishing vulnerabilities. Our expectations are too high, apparently.
Our research shows that encryption is regularly disabled, broken or missing entirely. In fact, 100% of endpoint security tools failed eventually; no tool is immune. And of the devices where encryption fails, 30% remain unencrypted for more than 60 days; this is an unacceptable window of data vulnerability considering the heavy penalties laid down by HIPAA, PIPEDA, GDPR and other global regulations.
The 2019 Endpoint Security Trends Report uncovers some startling truths about what is putting organisations at risk.
Our research also found that 21% of devices had outdated AV/AM; additionally, 7% of endpoint protection tools were missing altogether, leaving 28% of devices unprotected.
28% of endpoints have AV/AM that is either outdated or missing altogether
Furthermore, 23% of the patching tools designed to remediate vulnerabilities in devices and the applications running on them were broken or disabled. This is concerning since the 20 most common applications were published over 5 000 vulnerabilities last year. In fact, every 5.7 days there's at least one vulnerability published by the top eight application publishers This means that every few days, there's a window of opportunity for attack on almost a quarter of your devices.
Key takeaways from the 2019 Endpoint Security Trends Report include:
* 28% of endpoints have missing or outdated endpoint protection tools;
* 100% of devices experience an encryption failure within one year; and
* 42% of endpoints are unprotected at any given time.
Strengthen existing endpoint security
While the analysis is sobering, it doesn't mean that existing security tools are without merit. They just need greater resilience.
There is a way for organisations to monitor, manage and secure their entire endpoint infrastructure so their staff can do their best work safely, from anywhere. Absolute's technology is embedded in the firmware of more than 500 million of the world's devices. Because it's the only embedded security solution, it maintains a persistent connection to devices.
This connection enables IT and security professionals to keep a close eye on existing security controls to ensure they're always performing at an optimal level. In this way, IT and security teams can unlock value from solutions they're already paying for and avoid unnecessary spend on yet more endpoint security.
Uncover the findings from an extensive primary research study analysing over six million enterprise devices over a one-year period and discover actions towards real-world resilience. Read the Endpoint Security Trends Report 2019.