Critical gaps in IT departments’ approach to enterprise security
A new study by conducted by Ultimate Windows Security, released at RSA Conference, provides visibility into the uses, concerns and challenges that IT departments face in respect to endpoint security, patching, cloud applications and mobile management.
Endpoints
Endpoints have shifted from securely existing within four physical walls to connecting from anywhere in the world, often over insecure Wi-Fi. With IT managers reporting that negligent employees are the biggest threat to endpoint security, the process of ensuring every endpoint is securely configured, patched and protected from external threats is more critical than ever. When IT professionals were asked to rank their top security concerns, three of the top four answers revolved around endpoints.
Furthermore, when asked to identify which systems management products are used to properly configure, manage and secure endpoints, “none” was the third most popular answer. For small businesses, the number of organizations foregoing endpoint security is an alarming 36 percent.
Breakout of systems management products used by organizations:
Patching
Vulnerability protection plays a key role in overall threat protection. External hackers who seek to exploit vulnerabilities oftentimes continue to do so more than a year after a common vulnerability has been published, making it critical to ensure that every single patch—for both operating systems and applications—is applied as soon as it’s available. Respondents underscored this importance by citing the need to stop endpoint-based intrusions as the fourth highest security priority.
However, while nearly all client systems management products manage endpoints, many do not cover third-party applications such as Flash and Java. As such, 57 percent of respondents said they would like integrated third-party patching and, in the meantime, use a separate solution or no patching at all.
Mobile
When it comes to mobility, organizations cannot address security, stability and performance without centralizing mobile access to data, application updates and device security. Enterprise mobility management (EMM) solutions offer this, but 37 percent of respondents do not use EMM services.
Endpoints are shifting
IT managers are experiencing a rate of change like never before. Endpoints are shifting from traditional, on-premises desktops and laptops to mobile devices that are used by employees to work from anywhere. IT departments are working to protect these ever-moving endpoints from both threats and vulnerabilities, but are using systems management solutions that lack integrated technologies to do so efficiently and effectively – or they use no systems management solution at all.