Surge in remote working reveals concerns around unprotected endpoints
Millions of US businesses forced to rapidly support home working for employees are facing significant challenges to securely manage their IT networks. New research from Tanium reveals that 72 percent of US CIOs find previously undiscovered computing devices on a daily or weekly basis.
The findings come from a global study of 750 IT decision makers. It reveals that 57 percent of CIOs worldwide are concerned that a lack of visibility and control of endpoints – such as laptops, servers, virtual machines, containers and cloud infrastructure – will make their companies more vulnerable to cyberattacks.
The study uncovers three challenges that organizations should address as home working environments become more widespread in the United States and elsewhere:
A surge in unprotected endpoints
Unpatched devices open doors for malicious actors, especially in decentralized IT networks. More than half of survey respondents – 54 percent – say that employees and teams adding solutions and environments (i.e. cloud environments) without permission is the biggest challenge in maintaining control of the IT environment.
However, even if remote unprotected endpoints are identified, they may be left unfixed due to the considerable bandwidth and time required to connect them via VPN to a centralized patch management solution.
By allowing such vulnerabilities to persist, enterprises are exposing their networks to a greater risk of exploitation and privacy breaches. These risks will likely escalate as stay-at-home orders extend in scope and duration.
The research also suggests that the volume of unpatched devices may increase due to the growing complexity of IT systems. Responding organizations implement an average of 38 separate security and operations tools to manage their IT environments. Such sprawl limits the effectiveness of already-siloed teams and reduces visibility into the estate.
“It’s been weeks since countless organizations switched to remote working models almost overnight, and it’s been encouraging to see how many businesses were able to transfer workflows and operate decentralized networks quickly. Yet our new research shows that the vast majority of businesses will encounter serious challenges around patch and security compliance as remote working continues,” said Chris Hallenbeck, CISO for the Americas at Tanium.
“The proliferation of unknown computing devices within organizations’ IT environments, in particular, is offering malicious actors access to corporate and customer data. This threat alone will likely surge as working from home becomes the new normal.”
Stressors that threaten to expose corporate assets
As hackers ramp up phishing attacks on remote workers, IT leaders who lack visibility into these new endpoints may find their organizations dangerously exposed. Nearly a quarter (22 percent) of IT decision makers cite employees clicking on malicious links as a top challenge in maintaining control of the IT environment.
An additional 34 percent name departments implementing their own tools without IT’s knowledge (shadow IT) as a major cause of endpoint visibility gaps.
IT leaders are worried that this limited visibility of unprotected endpoints could leave their company more exposed to cyberattacks (50 percent), but also that it may damage the brand (44 percent), make risk assessments harder (35 percent), and impact customer loyalty (37 percent).
Those fundamental IT weaknesses that 85% of CIOs are finding also carry compliance risks. Both the CCPA and the GDPR hold companies strictly accountable for the personal information they store and process.
In a sweeping effort to adhere to such requirements, US CIOs report spending $81.9 million on compliance over the past 12 months and an additional $167 million on cyber liability insurance. In the past year, US decision makers outspent their counterparts in Europe and Japan.
However, despite this increased investment, US organizations feel unprepared to deal with the evolving regulatory landscape, with 40 percent claiming that a lack of endpoint visibility and control is one of the biggest barriers to maintaining compliance regulations.
As many as 67 percent are also worried that poor IT hygiene threatens their ability to remain compliant with CCPA, which went into effect in January 2020.
Hallenbeck concluded: “Regardless of asset location, CIOs and CISOs need to know which assets are plugged into the network and what applications they are running. Even personal computing devices that are being used for work should be integrated into the organization’s risk management practices. This may include denying a non-compliant device access until patched, and allowing the device owner to opt into the organization’s endpoint management system, to guarantee that they can be monitored and remediated in the event of an incident.
No organization can afford to exclude devices from their cybersecurity infrastructures, including personal ones that are increasingly shuttling sensitive customer information. While the premises may have changed, organizations still need full visibility into the IT environment to keep customer and enterprise data secure.”