Home Cyber Endpoint security “still challenging” for many organisations in face of escalating cyber threat

Endpoint security “still challenging” for many organisations in face of escalating cyber threat

by Brian Sims

Ivanti has announced the results of its annual survey on the main endpoint security challenges faced by IT professionals. More than 130 IT professionals at VMworld Europe 2017, held in Barcelona, participated in the extensive survey. 80% of those IT professionals have had to implement a patch management policy in order to improve endpoint security following the increase in ransomware and malware episodes.

In addition, 72% of IT professionals believe that Microsoft’s OS represents the most consistent patching challenge for their organisation. In addition to this, Java is the most problematic third-party application for 54.6% of respondents.

70% of IT professionals don’t have complete visibility into their IT systems or don’t know if they have the right tools so as to gain visibility into those IT systems. 13% of organisations allow employees to have administrator rights, which increases the risk of vulnerabilities and provides a greater foothold for malware that manages to bypass any existing cyber security infrastructure. It’s promising, though, that this result has decreased significantly from last year’s figure of 55%.

32% of organisations use whitelisting and blacklisting to protect against the execution of unauthorised applications in their environments.

Only 80% of those organisations surveyed have a patch management policy in place. This is equal to the result from the 2016 survey (80%), in turn suggesting that the massive WannaCry and NotPetya malware attacks have exerted a limited impact on the implementation of updates.

A quarter (24%) of respondents complete necessary security updates in less than a week, but almost half (49%) take more than two weeks, while 20% take more than a month to finalise their updates. It’s important to note as well that, last year, two-thirds of respondents said patch management took them more than eight hours per week, so it’s clearly a time-consuming process for most organisations.

The most commonly used tools to minimise IT risk are those that remove administrator privileges for users (45%), followed closely by the aforementioned whitelisting (32%) and blacklisting (32%).

In 36% of those companies surveyed, users are not given any administrator rights, while 39% of companies have implemented tools or policies for managing administrator rights. Tools that provide Just In Time (JIT) Administration (14%) and Just Enough Administration (JEA) (5%) are far less common.

JIT and JEA are essential to IT security because they provide users with privileges they need without giving them privileges that could threaten the company’s security – thereby providing a balance between efficiency and risk. Companies seem to have understood this to an extent: only a minority (13%) now afford administrator rights to all users. This signals a sharp drop from last year (55%).

Only one-third (30%) of businesses have full visibility into their IT environment (physical, virtual, online or offline, etc). While almost half (46%) have partial visibility, 18% have no visibility or reporting capabilities at all.

In comparison, just over half (55%) of respondents to the Ivanti survey felt that they had sufficient visibility into their IT environment in 2016.

Simon Townsend, chief technologist at Ivanti, said: “This study suggests that, while organisations may have taken certain strides towards increased endpoint security in the wake of 2017’s devastating attacks, patching both quickly and comprehensively, it’s clear that demonstrating compliance with company policies is still not a priority for many. However, we can see that awareness of the importance of IT security has increased. I have high hopes that this will translate into the implementation of better policies and more robust solutions across the next 12 months.”

You may also like