New research challenges misconceptions about the security of our endpoint devices.
The only thing worse than no security is a false sense of security. While there are few, if any, enterprise organizations that have no endpoint security in place, a recent study by Absolute identified a serious cause for concern — the fundamental endpoint security tools in which so much faith is placed, fail us regularly.
The research studied more than six million devices over a one-year period and examined one billion change events to see how security solutions performed — or failed to perform — during that time frame. The findings were staggering and categorically discredit some long-held myths about the state of endpoint security.
Our research found that devices have an average of 10 endpoint security agents installed.
On the devices we examined, more security tools did not equate to more secure devices. Paradoxically, the complexity introduced by multiple agents actually leaves organizations more vulnerable to attack. When it comes to endpoint security, the more dangerous outcome is not too little technology, but too much.
For example, we identified more than one AV/AM agent per device on the majority of devices studied (1.2 AV/AM agents per endpoint). The likelihood that these agents will conflict and collide with one another is high as they compete for device services and resources and create blind spots for security teams.
It’s clear that access to endpoint security solutions is not a problem — most organizations have sufficient budget to cover the costs. The real problem organizations face is in ensuring that these controls remain in place and are functioning correctly at all times.
If basic visibility, control, and resilience measures are not in place, adding additional security tools to already bloated devices will only exacerbate the problem.
When it comes to endpoint security, the more dangerous outcome is not too little technology, but too much.
Security budgets continue to rise year over year in an effort to mitigate the ever-increasing data security risks. The global spend on IT security is predicted to total $128 billion by next year. However, our research indicates that this spending could be done in vain. As much as 40 percent of endpoint security spend is squandered on solutions that simply don’t work.
It is certainly important to keep pace with advances in endpoint security technology — but investing more money into exciting new technologies such as blockchain, artificial intelligence, and machine learning is futile if the basics are not operating effectively.
The fact remains, the efficacy of any endpoint security tool diminishes significantly over time — unless those tools are deliberately controlled to improve their resilience.
Our analysis doesn’t mean that existing security tools are useless — they just need a watchdog to ensure they remain resilient.
Absolute’s technology is embedded in the firmware of more than 70 percent of the world’s endpoint devices. Because it’s the only embedded security solution, it is the only cloud-based platform that maintains a persistent connection to devices, regardless of user behavior or device performance.
This persistent connection enables IT and security professionals to keep a close eye on existing security controls to ensure they’re always performing as they should. It helps you unlock the value of your existing investments while enabling you to feel secure in the knowledge that your devices are protected — and if they’re not, you have controls in place to either fix them or lock them down.
Interested in taking a deeper dive into the state of endpoint security? Read the full report: 2019 Endpoint Security Trends Report.