Only thirty-three percent of IT security professionals have security strategies in place to protect the growing number of endpoints on their networks, according to a recent study conducted by Dimensional Research among 500 IT security pros.
Are you confident that all the devices connected to your network receive security updates in a timely fashion?
Sixty percent of the respondents said they are not confident that all of the devices connected to their networks receive security updates in a timely fashion.
“Timely application of security updates is one of the most effective ways to reduce risk in any organization, but it remains a widespread challenge,” said Tim Erlin, senior director of IT security and risk strategy for Tripwire. “As more diverse devices are deployed, the availability and management of these updates becomes more difficult. Organizations need to have a strategy now, before an incident occurs.”
Critical endpoints are systems that, if compromised, could have significant fiscal or operational impact on an organization. Endpoints have traditionally been defined as devices with which users interact, such as desktops, tablets or phones; however, this definition has now been expanded to include additional items like employee-owned devices, virtual machines, point-of-sale terminals, Internet of Things devices and servers. Despite presenting significant and unique security risks, critical endpoints are rapidly increasing on networks. Intel has projected there will be over 200 billion connected devices by 2020.
Are you concerned about the security of IoT devices connecting to your organization’s network?
- Twenty-one percent of the respondents consider the security of IoT devices connecting to their organization’s networks to be one of their top security concerns.
- Nearly one-third (thirty-one percent) of the respondents said they conduct comprehensive inventories of hardware- and software-based assets, including IoT devices, on their networks only once per year.
- Fifty-two percent of the respondents said the projected growth rate of endpoints on their organization’s networks over the next 24 months would be less than twenty-five percent per year.
“The proliferation of devices from BYOD, IoT, and the incidental use of personal devices in the enterprise is causing ‘device sprawl,’ so it’s no surprise enterprises aren’t keeping up,” said Dwayne Melancon, vice president of products at Tripwire. “The key to dealing with this risk is to remember that foundational controls still apply, regardless of scale – know what’s on your network, understand how it’s vulnerable, keep it patched, keep it securely configured, and monitor the heck out of it for suspicious activity.”