There’s a massive amount of complexity plaguing today’s enterprise endpoint environments. The number of agents piling up on enterprise endpoint devices – up on average – is hindering IT and security’s ability to maintain foundational security hygiene practices, such as patching critical vulnerabilities, which may actually weaken endpoint security defenses, Absolute reveals.
Also, critical endpoint controls like encryption and antivirus agents, or VPNs, are prone to decay, leaving them unable to protect vulnerable devices, data, and users – with more than one in four enterprise devices found to have at least one of these controls missing or out of compliance.
Increasing security spend does not guarantee security
In addition to heightening risk exposure, the failure of critical endpoint controls to deliver their maximum intended value is also resulting in security investments and, ultimately, wasted endpoint security spend.
According to Gartner, “Boards and senior executives are asking the wrong questions about cybersecurity, leading to poor investment decisions. It is well-known to most executives that cybersecurity is falling short. There is a consistent drumbeat directed at CIOs and CISOs to address the limitations, and this has driven a number of behaviors and investments that will also fall short.”
“What has become clear with the insights uncovered in this year’s report is that simply increasing security spend annually is not guaranteed to make us more secure,” said Christy Wyatt, President and CEO of Absolute.
“It is time for enterprises to increase the rigor around measuring the effectiveness of the investments they’ve made. By incorporating resilience as a key metric for endpoint health, and ensuring they have the ability to view and measure Endpoint Resilience, enterprise leaders can maximize their return on security investments.”
The challenges of maintaining resilience
Without the ability to self-heal, critical controls suffer from fragility and lack of resiliency. Also, endpoint resilience is dependent not just on the health of single endpoint applications, but also combinations of apps.
The massive amount of complexity uncovered means that even the most well-functioning endpoint agents are at risk of collision or failure once deployed across today’s enterprise endpoint environments.
IT and security teams need intelligence into whether individual endpoint controls, as well as various combinations of controls, are functioning effectively and maintaining resilience in their own unique endpoint environment.
Single vendor application pairings not guaranteed to work seamlessly together
In applying the criteria for application resilience to same-vendor pairings of leading endpoint protection and encryption apps, widely varied average health and compliance rates among these pairings were found.
The net-net here is that sourcing multiple endpoint agents from a single vendor does not guarantee that those apps will not ultimately collide or decay when deployed alongside one another.
Progress in Windows 10 migration
Much progress was made in Windows 10 migration, but fragmentation and patching delays leave organizations potentially exposed. Our data showed that while more than 75 percent of endpoints had made the migration to Windows 10 (up from 54 percent last year), the average Windows 10 enterprise device was more than three months behind in applying the latest security patches – perhaps unsurprisingly, as the data also identified more than 400 Windows 10 build releases across enterprise devices.
This delay in patching is especially concerning in light of a recent study that shows 60 percent of data breaches are the result of a known vulnerability with a patch available, but not applied.
Relying on fragile controls and unpatched devices
Fragile controls and unpatched devices are being relied on to protect remote work environments. With the rise of remote work environments in the wake of the COVID-19 outbreak, as of May 2020, one in three enterprise devices is now being used heavily (more than 8 hours per day).
The data also shows a 176 percent increase in the number of enterprise devices with collaboration apps installed as of May 2020, versus pre-COVID-19. This means the average attack surface, and potential vulnerabilities, has expanded significantly across enterprises.