Is Your Organization Underestimating Its Endpoint Risk?

By: Josh Mayfield | 5/27/2019

For decades, IT professionals have been fighting the good fight against malware, hackers, negligent or malicious insiders, and other threats. We focus on securing the network as if it’s a tangible thing we can put in bubble wrap and lock inside a vault. If only it were that straightforward!

The reality is that the network is now fluid — stretching inside and outside the walls of the organization — and accessed easily by mobile endpoints. We’ve invested heavily in security to protect the endpoint from attack but experts have noticed a worrying correlation between greater endpoint security spending and increased endpoint complexity and risk.

The endpoint is now the largest attack vector

With endpoints accessing and storing data from literally anywhere in the world, the endpoint has become the largest surface area for attack. And cybercriminals know this — according to Ponemon Institute, the frequency of attacks on endpoints is increasing. Last year, two-thirds of companies were compromised by attacks that originated on their endpoints.

We presume that the humble endpoint is protected because we spend millions of dollars per year on encryption, AV/AM, client-patch management, and other endpoint protection tools. This presumption could cost us. As of 2018, the average cost of a data breach involving the endpoint sits at a cool $7.1 million. Could your organization survive an attack of this magnitude?

The full picture of endpoint vulnerability

The security solutions that we rely on to protect our devices — and the data that lives on them — fail often. According to a new report by Absolute that studied six million devices over 12 months, our endpoints are not as secure as we’d like to think:

  • No devices survived a full year without an encryption failure
  • 28 percent of endpoints are unprotected at any given time
  • 19 percent of endpoints require at least one repair within 30 days

Let those numbers sink in.

All of your devices will experience an encryption failure in the next year. At a time when zero-day attacks are four times more likely to compromise organizations, one third of your devices may be unprotected and one fifth may need patching. According to Ponemon, the average time to patch is 102 days. So for 102 days, your endpoints could be exposed to zero-day attacks.

Are those scenarios acceptable to your CISO and CEO?

Make existing endpoint security more resilient

It’s clear that we need a better way to reduce vulnerabilities and take back control of the endpoint. We must address the root of endpoint security failure by ensuring that existing security controls remain in place and functioning correctly at all times. But how?

Persistence technology can help. Persistence technology is embedded in the firmware of over 70 percent of the world’s endpoint devices. It enables Absolute to have the only cloud-based platform that maintains a constant, persistent connection to devices, regardless of user behavior or device performance. The always-on connection enables you to keep a close eye on existing security controls to ensure they’re always performing at an optimal level. In this way, you can unlock value from solutions you’re already paying for and avoid unnecessary spend on yet more endpoint security.

Your staff can do their best work safely, from anywhere. And you can rest assured that your devices are resilient.

2019 Endpoint Security Trends ReportInterested in taking a deeper dive into the current state of endpoint security? Read the full report: 2019 Endpoint Security Trends Report


Financial Services