Data Visibility & Protection Endpoint Security

Endpoints At-Risk: Too Many Security Tools are the Cause

April 30, 2019

A recent study highlights the increased risk caused by application bloat and endpoint complexity.

According to a new report by Absolute, when it comes to endpoint security, less may, in fact, be more. The 2019 Endpoint Security Trends Report studied more than six million devices over a one-year period and examined one billion change events to see how security solutions performed — or failed to perform — during that timeframe. The results were eye-opening. It turns out the problem isn’t not having enough security tools, it’s that devices have too many.

Source: 2019 Endpoint Security Trends Report

The security solutions that we rely on to protect our devices — and the data that lives on them — fail often. The biggest contributing factor to the frequent failure rate? Endpoint complexity.

Endpoint Complexity is Causing Risk

Absolute’s analysis found that devices can have 10 or more endpoint security agents installed. Nine of those agents come from the same five technology categories: encryption, unified endpoint management (UEM), endpoint detection and response (EDR), endpoint protection platform (EPP/AV/AM), and virtual private network (VPN).

Read about Uncovering the Fragility of Endpoint Security

Ultimately, this means that multiple technologies exist on any given endpoint to perform the same task. For example, the report identified more than one AV/AM agent per device on the majority of devices studied (an average of 1.2 AV/AM agents per endpoint).

The likelihood that these agents will conflict and collide with one another is high. This creates a poor user experience and — more importantly — creates blind spots for security teams and disrupts key security controls.

“We should be testing this stuff before we put it out there. If we have 10 to 12 agents per device, we need to understand how they’re interacting with one another before they’re released into the wild. How do we know we’re not completely poisoning the well? Because that is an expensive well to un-poison.”

- Renee Murphy, Principal Analyst for Security and Risk Professionals, Forrester Source: The State of the Endpoint in 2019 Webinar

Complexity Puts a Strain on Resources

Endpoint complexity also poses a management and resourcing problem. A report by Ponemon found that 50 percent of companies require over 35 full-time employees to manage their endpoints. The same report found that 425 hours are wasted weekly on false security alerts, likely due to conflicting endpoint agents sending confusing signals back to SIEM solutions.

Source: The Cost of Insecure Endpoints, Ponemon, 2017

Furthermore, the vast number of tools identified in the report introduces a virtually unlimited number of combinations. This makes it almost impossible for resource-strapped IT teams to properly test devices prior to deployment.  In most cases, enterprises are forced to validate the combinations in live deployments — where results show that they all eventually break.

Read our blog post about The Complexity Gap

The Bottom Line: More is Not Better

While IT and security professionals have a huge range of tools and technologies at their disposal, the 2019 Endpoint Security Trends Report found that more security does not equate to more secure devices. In fact, much of endpoint security spend is wasted on solutions that simply don’t work (due to missing or broken agents or disabled controls).

Rather than throwing good money after bad, IT and security teams should, instead strive to reduce complexity on the endpoint and focus on ensuring that existing security tools are fortified, more resilient, and less inclined to fail.

Absolute acts like a watchdog on the endpoint. Absolute’s proprietary Persistence® technology is embedded in the firmware of more than 70 percent of the world’s endpoint devices. Because it’s the only embedded security solution, it is the only cloud-based platform that maintains a persistent connection to devices, regardless of user behavior or device performance. This persistent connection enables IT and security professionals to keep a close eye on existing security controls to ensure they’re always performing as they should.

As a result, Absolute is an efficient way to maximize the value of your existing investments. A Forrester TEI report found that Absolute delivers a 146% return on investment. It can also help organizations get a greater return on investment on existing security solutions.

Data Visibility & Protection Endpoint Security

Share this article

Financial Services