Uncovering the Fragility of Endpoint Security

By: Josh Mayfield | 4/17/2019

New report highlights vulnerabilities caused by the degradation of endpoint security solutions over time.

IT and security professionals have a huge range of tools and technologies at their disposal to help combat data and device security risks. In fact, by 2020, the global spend on IT security is predicted to total a staggering $128 billion. Despite this, every week it seems there is news of another high-profile data breach.

A new primary research study by Absolute has uncovered an explanation for this: much of IT security spending is done in vain due, in part, to missing or broken endpoint security agents or disabled controls.

The study found that the fragility of endpoint security tools causes the efficacy of these tools to diminish significantly over time — unless those tools are deliberately controlled to improve their resilience.

Endpoint security is more vulnerable than you think

Our security research team gathered data from over one billion change events on more than six million devices. They monitored the data over a one-year period to see how security solutions performed — or failed to perform — during that timeframe. The sample included data from 13,000 anonymized organizations across North America and Europe.

  • One billion change events
  • Six million devices
  • 13,000 organizations (anonymized)
  • One-year benchmark study

The findings were eye-opening. While it’s reasonable to expect the fundamental endpoint security solutions we invest in — such as encryption, antivirus/anti-malware (AV/AM)— to keep our devices secure, the harsh reality is this: Endpoint security solutions fail reliably and predictably. The false sense of security they provide is probably enterprises' biggest risk.

Security tools fail: Endpoint security is flawed

We expect encryption to protect our data, AV/AM to protect us from cyber threats, and client management tools (CMT) to ensure our applications are patched and safe from publishing vulnerabilities. Our expectations are too high, apparently.

Read: The Biggest Challenges with Encryption

Our research shows that encryption is regularly disabled, broken, or missing entirely. In fact, 100 percent of endpoint security tools failed eventually — no tool is immune. And of the devices where encryption fails, 30 percent remain unencrypted for more than 60 days — an unacceptable window of data vulnerability considering the heavy penalties laid down by HIPAA, PIPEDA, GDPR, and other global regulations.

[caption id="attachment_32546" align="aligncenter" width="392"]100% of Endpoint protection tools fail eventually - no tool is immune. The 2019 Endpoint Security Trends Report uncovers some startling truths about what is putting organizations at risk.[/caption]

Our research also found that 21 percent of devices had outdated AV/AM; additionally, seven percent of endpoint protection tools were missing altogether, leaving 28 percent of devices unprotected.

[caption id="attachment_32547" align="aligncenter" width="668"]21% of endpoints have outdated antivirus/anti-malware, 7% are missing AV/AM altogether. leaving 28% unprotected at any given point in time. 28% of Endpoints have AV/AM that is either outdated or missing altogether[/caption]

Further to this, 23 percent of the patching tools designed to remediate vulnerabilities in devices and the applications running on them were broken or disabled. This is concerning since the 20 most common applications published over 5,000 vulnerabilities last year. In fact, every 5.7 days there’s at least one vulnerability published by the top eight application publishers This means that every few days, there’s a window of opportunity for attack on almost a quarter of your devices.

Key takeaways from the 2019 Endpoint Security Trends Report include:

  • 28% of endpoints have missing or outdated endpoint protection tools
  • 100% of devices experience an encryption failure within one year
  • 42% of endpoints are unprotected at any given time

Strengthen existing endpoint security

While the analysis is sobering, it doesn’t mean that existing security tools are without merit — they just need greater resilience.

There is a way for organizations to monitor, manage, and secure their entire endpoint infrastructure so their staff can do their best work safely, from anywhere. Absolute’s technology is embedded in the firmware of more than 500 million of the world’s devices. Because it’s the only embedded security solution, it maintains a persistent connection to devices.

This connection enables IT and security professionals to keep a close eye on existing security controls to ensure they’re always performing at an optimal level. In this way, IT and security teams can unlock value from solutions they’re already paying for and avoid unnecessary spend on yet more endpoint security.

Uncover the findings from an extensive primary research study analyzing over six million enterprise devices over a one year period and discover actions toward real-world resilience. Read the Endpoint Security Trends Report 2019.

Financial Services