Enterprise endpoint security: Millions of devices still running outdated systems
Duo Security analyzed the security health of 4.6 million endpoint devices, including 3.5 million mobile phones across multiple industries and geographic regions.
With increased adoption of cloud services and mobile devices, enterprises no longer have distinct boundaries defined by inside and outside the firewall, making the health of devices connecting to their network more critical than ever to protect against new security threats.
To measure the state of device security health, the report analyzes top indicators including out-of-date operating systems, browsers and plugins that make endpoints more susceptible to vulnerabilities, as well as security features mobile devices have enabled. Also, for the first time, the report highlights the latest data from Duo’s simulated phishing assessments. Phishing is one of the easiest and most effective ways for attackers to steal user credentials, exploit out-of-date software, and gain access to enterprise applications.
Overall device security health
31% of endpoints are running the latest OS version, Windows 10, compared to 15% in 2016. Enterprises are slowly migrating to the most up-to-date and secure version two years after its release. However, 13% of endpoints are browsing dangerously on an unsupported version of the Internet Explorer browser that is no longer receiving security updates that patch known vulnerabilities.
Mobile security health
Only 27% of Android phones are running the latest major OS version, compared to 73% of iPhones operating on iOS 10 or above. This stark difference is likely linked to many Android devices being beholden to both manufacturers and carriers to roll out updates, which can slow down the time to patch.
UK and EMEA security health
Compared to North America, EMEA (Europe, Middle East and Africa) countries are slightly more up to date. In EMEA, 40% of endpoints are running the latest version, Windows 10, compared to 31% in North America. In the United Kingdom, 37% of endpoints are running Windows 10, compared to 31% overall.
Industry-specific security health
- The technology industry has the highest number of endpoints running the Windows 10 OS at 87%, while the healthcare and machinery industries fall in the bottom with only 16% and 6% of endpoints respectively using the latest OS.
- Healthcare industry data reveals 76% of endpoints are running Windows 7 – an 8-year-old operating system – which is much higher than the 59% average of all other endpoints. Worse still, the percentage of healthcare endpoints running Windows XP has increased from 2% to 3%, which is higher than the 1% of overall endpoints. This is troubling to see, as Microsoft ended security support for Windows XP in 2014, and continuing to run the OS could run afoul of the HIPAA risk management requirements.
- The biotech industry comes in last for mobile security features, with the lowest amount of mobile devices with screen lock or encryption enabled, meaning they lack mobile device security.
Phishing on the rise
Duo’s analysis of 3,575 simulated phishing campaigns conducted in the past 12 months from Duo Insight , with more than 80,000 recipients, found that 62% of campaigns captured at least one credential and 68% had at least one out-of-date device.
- 44% of recipients opened the email and 25% of recipients clicked the link
- 13% of recipients entered their credentials (username and password).
- 13% of recipients use out-of-date browsers and 17% are running out-of-date operating systems.
A quarter of recipients clicking the link in the email means that they could have potentially visited a malicious website, putting their devices at risk. Since the majority of recipients are using out-of-date devices to open phishing emails, this also puts users at higher risk of getting compromised by an attacker using known vulnerabilities.
Mike Hanley, Sr. Director of Security for Duo explained, “As underlined from many of the latest headline breaches, unpatched, out-of-date software, systems and servers are prime targets for attackers armed with known vulnerabilities and malware. The 2017 Trusted Access Report shows that while we’re making progress in some areas like Windows 10 adoption, there is still much room for improvement across the board.”