October 09, 2023
In today's digital-first world, the integrity and security of our applications and our networks are paramount. Yet, glaring statistics highlight significant vulnerabilities that, if left unchecked, could have catastrophic consequences for enterprises.
Application health is an often overlooked and underemphasized piece of the cyber resiliency puzzle. Over the past decade, cybersecurity spending has exploded, with several billion being spent each year to add new security capabilities and prevent successful attacks. And yet, breaches continue to occur in record numbers and with escalating sophistication. This is because with all these new capabilities, we’ve introduced a massive amount of complexity on the endpoint - and that complexity is actually degrading the health of the applications we’ve deployed to protect our devices, data, and users.
To understand this problem fully, we need hard data. Absolute Persistence technology is embedded in the firmware of more than 600 million endpoints worldwide, and when enabled, it allows customers to get rich telemetry about their endpoints and the applications deployed on them. Because of this, we can provide a unique perspective on the health of devices, commonly used security and business applications, and network connections.
We’ve recently analyzed data from thousands of our customers across nearly five million Absolute-enabled endpoints - not only to shine a light on this complexity and the resulting vulnerabilities, but also to demonstrate the need for robust tools capable of strengthening endpoint and network resilience. Let’s dig into this data and look at the details:
Delayed Patching
Enterprise Windows 10 devices lag by an average of 63 days in deploying the latest patches. This essentially means that for over two months, these devices are exposed to known vulnerabilities that can be exploited by malicious entities. Most security teams know that patching is a key control for maintaining security, but many of those teams don’t know just how badly out-of-date their systems are.
Overburdened by Security Apps
With an average of more than 11 security applications installed on enterprise devices, one might assume they are well-protected. Unfortunately, as mentioned before, having a large number of security tools can lead to overlaps and conflicts, and to decay - potentially leaving gaps in defense mechanisms.
Vulnerable Remote Access Tools
With the rise in remote work, secure remote access tools are more crucial than ever. However, a staggering one in four devices has an unhealthy remote access tool, meaning it was not installed correctly, has a broken configuration, or has stopped processes. This lack of network security poses risks not only to your data, but to the endpoint device itself.
Encryption Concerns
A worrisome 17% of active enterprise devices over a 30-day period weren't fully encrypted. Dive deeper, and the concern magnifies: 15% of these unencrypted devices hold sensitive data (such as PII or PHI). This means that one in six unencrypted enterprise devices could be a potential goldmine for cybercriminals. Having encryption enabled is often a legally required control, and not being able to prove it is enabled can expose an organisation to liability… but all too often encryption controls go out of compliance.
Sensitive Data on the Move
Data is the lifeblood of enterprises, and data protection is essential. Yet, 75% of enterprise laptops store sensitive data, with 19% of them having high volumes of such data (500+ instances). The vulnerability of this data is further exacerbated when we consider encryption, or the lack thereof.
These figures paint a clear and concerning picture. The complexity and brittleness of endpoint security controls mean that despite all the money organisations spend to secure their endpoints, all too often their devices are not as protected as they hope.
What's the way forward? Enter resilience and self-healing applications.
Self-healing apps are designed to automatically detect and rectify faults or vulnerabilities, minimizing the need for human intervention. In the context of the data mentioned above, such apps could autonomously identify and address vulnerabilities, whether they arise from delayed patches, conflicts between endpoint apps, or tampering from negligent or malicious users.
As well as being able to collect telemetry about the health of your endpoints, Absolute Application Resilience provides the ability to automatically restart, repair, or reinstall applications that are out of compliance.
Over the last 90 days, our Application Resilience has performed millions of repair actions, averaging more than 1.5 repairs per endpoint per month. To put that into the context of a whole business, if you have 1,000 users, then we are repairing something on average more than once every half an hour.
The frequency and variety of the repairs that we automate highlight the scale of the health problems among mission-critical endpoint tools, and the beneficial impact that automation can have in remediating these problems.
As cyber threats become more complex and pervasive, it's no longer enough to be reactive. Enterprises need to be proactive, incorporating forward-thinking solutions like self-healing apps and ensuring their devices are able to withstand, adapt to, and recover from threats. Only by embracing resilience can we hope to safeguard our digital future.