81% of corporate PCs lack antivirus, firewall or patches

Sophos has revealed the results of its Endpoint Assessment Test, a free online scanning tool that checks endpoints for security vulnerabilities, defined as missing Microsoft security patches, disabled client firewalls and missing endpoint security software updates. 

Sophos collected data from more than 580 PCs worldwide, 36 percent coming from UK-based computers, and found: 

• 81 percent of corporate endpoints tested failed one or more of these basic tests
• 63 percent were missing at least one Microsoft security patch among Microsoft Windows operating system, Microsoft Office, Microsoft Internet Explorer, Microsoft Media Player or Flash Player
• 51 percent of endpoints tested had their client firewalls disabled
• 15 percent were running out-of date endpoint security software or had disabled their protection altogether

Administrators reading these stats might think they are sitting pretty and have nothing to worry about, but I would challenge them to run this free tool and double check the security levels within their network – the findings have been staggering. Rather than wait for a problem to arise and be forced to perform a post mortem to find the holes, administrators would be wise to take a few minutes now – it’s free, it’s easy and it might just highlight some serious vulnerabilities that can be addressed proactively.

Sophos collected data from 583 corporate endpoints for this Endpoint Assessment Test – North America represented 39 percent of the sample base, the UK made up 36 percent, while Australia and Germany contributed 11 percent and 9 percent respectively.  The remaining 5 percent consisted of other countries. 

This problem is not only affecting smaller companies. One quarter of testers represented enterprises with more than 1,000 users, while 36 percent were mid-sized companies ranging between 100 and 1,000 users.