Endpoint security “still challenging” for many organisations in face of escalating cyber threat

Ivanti has announced the results of its annual survey on the main endpoint security challenges faced by IT professionals. More than 130 IT professionals at VMworld Europe 2017, held in Barcelona, participated in the extensive survey. 80% of those IT professionals have had to implement a patch management policy in order to improve endpoint security following the increase in ransomware and malware episodes.

In addition, 72% of IT professionals believe that Microsoft’s OS represents the most consistent patching challenge for their organisation. In addition to this, Java is the most problematic third-party application for 54.6% of respondents.

70% of IT professionals don’t have complete visibility into their IT systems or don’t know if they have the right tools so as to gain visibility into those IT systems. 13% of organisations allow employees to have administrator rights, which increases the risk of vulnerabilities and provides a greater foothold for malware that manages to bypass any existing cyber security infrastructure. It’s promising, though, that this result has decreased significantly from last year’s figure of 55%.

32% of organisations use whitelisting and blacklisting to protect against the execution of unauthorised applications in their environments.

Only 80% of those organisations surveyed have a patch management policy in place. This is equal to the result from the 2016 survey (80%), in turn suggesting that the massive WannaCry and NotPetya malware attacks have exerted a limited impact on the implementation of updates.

A quarter (24%) of respondents complete necessary security updates in less than a week, but almost half (49%) take more than two weeks, while 20% take more than a month to finalise their updates. It’s important to note as well that, last year, two-thirds of respondents said patch management took them more than eight hours per week, so it’s clearly a time-consuming process for most organisations.

The most commonly used tools to minimise IT risk are those that remove administrator privileges for users (45%), followed closely by the aforementioned whitelisting (32%) and blacklisting (32%).

In 36% of those companies surveyed, users are not given any administrator rights, while 39% of companies have implemented tools or policies for managing administrator rights. Tools that provide Just In Time (JIT) Administration (14%) and Just Enough Administration (JEA) (5%) are far less common.

JIT and JEA are essential to IT security because they provide users with privileges they need without giving them privileges that could threaten the company’s security – thereby providing a balance between efficiency and risk. Companies seem to have understood this to an extent: only a minority (13%) now afford administrator rights to all users. This signals a sharp drop from last year (55%).

Only one-third (30%) of businesses have full visibility into their IT environment (physical, virtual, online or offline, etc). While almost half (46%) have partial visibility, 18% have no visibility or reporting capabilities at all.

In comparison, just over half (55%) of respondents to the Ivanti survey felt that they had sufficient visibility into their IT environment in 2016.

Simon Townsend, chief technologist at Ivanti, said: “This study suggests that, while organisations may have taken certain strides towards increased endpoint security in the wake of 2017’s devastating attacks, patching both quickly and comprehensively, it’s clear that demonstrating compliance with company policies is still not a priority for many. However, we can see that awareness of the importance of IT security has increased. I have high hopes that this will translate into the implementation of better policies and more robust solutions across the next 12 months.”

About the Author

Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications)

Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting.

In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector.

In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute’s George van Schalkwyk Award.

An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award.

Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site.

Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media.

Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014.

Related Posts