November 2009 Lumension & Ponemon Institute Announces the State of the Endpoint Study
This study reveals the challenges organizations face in managing the security risk to endpoints. According to 1,427 IT and IT security practitioners from five countries, endpoint in most organizations are extremely vulnerable and susceptible to cyber attacks.
State of the Endpoint study was conducted by Ponemon Institute to understand if IT security and IT operations practitioners believe the endpoint is more or less secure today. In addition, this study examines if these two groups have different perceptions about the risk resulting from insecure endpoints to networks and enterprise systems. This study is sponsored by Lumension.
The scope of this research includes respondents from five countries including: United States, United Kingdom, Germany, Australia and New Zealand. In total, 1,427 respondents in IT security (hereafter referred to as security) and 1,582 respondents in IT operations (hereafter referred to as operations) provided usable survey returns.
Endpoint security involves protecting the enterprise’s network from such threats as virus and malware attacks, cyber crime and employees’ unauthorized use of mobile devices and illegal applications on organizations’ laptops, desktops and other Internet connected devices.
This study reveals the challenges organizations face in managing the security risk to endpoints. According to the IT practitioners in our study, both in operations and security, the following are reasons why the endpoint in many organizations is so vulnerable:
- Organization’s increasing use of technologies that improve productivity and reduce costs but create endpoint risks. These include open source software, Web 2.0 applications, cloud computing, virtualization and others. Moreover, the use of these technologies is expected to become more prevalent over the next 12 to 24 months. Especially cloud computing, Web 2.0 applications and virtualization.
- Employees connecting their own computing devices, such as laptops and PDAs, to the organization’s network or enterprise system. A very small percentage of organizations in our study have a policy that permits this practice. As a result, organizations may not have control over who is accessing the network with illegal and unauthorized applications.
- Endpoint management systems are complex. According to the study, on average 3.7 software agents are installed on each endpoint to perform management security and other operations. In addition, they have on average 3.9 different or distinct software management consoles for endpoint operations.
- Respondents report a lack of skilled or knowledgeable personnel, followed by the misalignment of IT and business objectives and difficulty integrating multiple technologies as contributing to the challenge of managing the endpoint.
- The endpoints are constantly under siege by virus or malware network intrusions. According to respondents, this was the most frequent security incident during the past year.
In many cases, not having adequate budget to invest in technologies and other resources, such as trained and knowledgeable employees, necessary to protecting the endpoint.
Collaboration between IT security and IT operations in many organizations does not happen as frequently as it should. According to the findings of this study, these two groups tend to have different perceptions about such critical areas as knowing what technologies are used that could put the endpoint at risk and what the major security risks are to the network