Endpoint complexities leaving sensitive data at risk

Absolute Software announced key findings from its report which shines a light on key trends affecting enterprise data and device security, and underscores the dangers of compromised security controls in expanding an already wide attack surface for today’s enterprises.

Researchers estimate that the number of ransomware attacks grew by more than 150% in 2020, fueled by the global pandemic and the massive disruption to IT and security operations.

According to The Coveware Quarterly Ransomware Report, the most common software vulnerabilities exploited by ransomware attackers in Q1 (Jan – Mar) 2021 involved VPNs. It goes on state that “the cyber extortion economic supply chain demonstrated how a vulnerability in widely used VPN appliances can be identified, exploited and monetized by ransomware affiliates.”

With increasing endpoint complexities comes increased risk

The findings reveal that the need to support and secure remote workforces only exacerbated the existing complexities found in today’s endpoint environments – and with increasing complexity comes the increased risk of friction, failure, and noncompliance.

One in four devices analyzed had critical security controls — such as encryption, antivirus, or VPN — considered to be unhealthy, or not working effectively, at any given time. If left unaddressed, almost any application deployed on the endpoint carries the potential of becoming an attack vector.

“The trends in this year’s report — unaddressed vulnerabilities, unprotected data, and failing security controls – are clear indicators that it is time for organizations to put rigor around ensuring the endpoint security tools they’ve invested in are effectively protecting their valuable, and vulnerable, corporate devices and data,” said Christy Wyatt, President and CEO of Absolute.

“And, the findings underscore the critical need for resilient endpoints and applications in the evolving ‘work from anywhere’ era. The ability to identify and mitigate risk is dependent on having the ability to monitor the state of every device and application, identify where things might be fragile or falling down, and autonomously heal them when needed.”

Other notable insights

• Endpoint complexity and redundancy continue to plague enterprises: The average number of security controls has increased to more than 11 per enterprise device, with the majority of devices containing multiple controls with the same function. 60% of enterprise devices analyzed had two or more encryption applications installed, while 52% had three or more endpoint management applications installed.
• Sensitive data remains unprotected and at risk: 73% of enterprise devices analyzed contained sensitive data, such as Protected Health Information (PHI) or Personally Identifiable Information (PII). Compounding the risk of exposure, 23% of devices with high levels of sensitive data also reported unhealthy encryption controls.
• Patching delays leave critical vulnerabilities unaddressed: The average Windows 10 enterprise device was found to be 80 days behind in applying the latest available OS patches. More than 40% of Windows 10 enterprise devices were running version 1909, which is associated with over 1,000 known vulnerabilities.