IT leaders have a problem with perception versus reality when it comes to understanding what’s happening with their endpoints, according to a recent Frost and Sullivan survey commissioned by Tanium. Here’s what we found out about security hygiene practices, and what you can do about it.
While nearly everyone agrees security hygiene is essential to keeping organizations safe from cyber attackers, the way forward is less clear. A recent Frost & Sullivan report, based on a survey of 200 North America-based IT decision makers commissioned by Tanium, reveals a sharp disconnect between IT priorities and existing security hygiene practices.
For example, while the vast majority of respondents (94%) say they are extremely or moderately confident that they know how many endpoints exist in their organizations, more than one third acknowledge the likelihood of unaccounted endpoints.
Knowing how many endpoints you have – and what is happening on them at any point in time – is a cornerstone of security hygiene best practices. After all, hackers only need to locate and compromise a single endpoint to gain access to your network. You know this in theory, yet the survey results indicate real-world practices have a long way to go.
Indeed, 70% of respondents identified reducing the frequency and severity of data breaches involving personally identifiable information (PII) as a “critical” or “high” priority for their organizations. Streamlining regulatory compliance and maintaining business continuity are also top priorities for a majority of respondents.
Yet, less than a third of respondents (32%) are confident that, when a breach happens, they’ll be able to identify all affected endpoints and remediate within one day of a breach. Not a shocking finding, but less than half of respondents are confident their current anti-virus solution is keeping them safe.
Patching software for critical security issues is seen as a cyber hygiene best practice. Yet, here, too, there’s a disconnect between what respondents believe in theory and what they’re experiencing in practice. Nearly eight in 10 respondents (79%) say they’re “extremely” or “moderately” concerned that critical OS security patches are missing from their endpoints. Reasons vary, including factors such as application incompatibility, a lack of systematic means to install critical patches across all endpoints and a lack of available IT resources to oversee patching. Products currently exist to address a both the latter points.
More operating systems, more cyber hygiene problems
Why is this so alarming? For one thing, operating system diversity is on the rise for enterprise PCs and servers alike.
The majority of respondents report having six OSes on their PCs and as many as seven OSes running on their servers. While respondents say the newest releases of Windows OS on PCs and servers are up-to-date, the same is not true when it comes to Mac-based PCs, Linux servers and older versions of Windows Server still in use.
In addition to concerns about currency in OS release version and security patches, the majority of the survey participants also express extreme or moderate levels of security concern regarding high-use applications such as Java, Flash and Acrobat.
Endpoint scanning: Key to cyber hygiene best practices
Even more troubling, the majority of respondents say more than half of all endpoints are not scanned, or are only scanned periodically, for security configurations, software vulnerabilities and file integrity. More than two thirds of respondents (68%) classify their current scanning practices for servers as ineffective, while 42% say the same about their PC scanning practices.
IT security organizations need to take steps to improve the basics of security hygiene. Frost & Sullivan advises organizations to objectively rate their current security hygiene tools based on what they accomplish and what they do not accomplish. This rating will produce a priority list of the attributes to seek in new or replacement security hygiene tools and what these tools should accomplish.
Want to learn more about security hygiene? Read these:
About the Author: Jennifer Ellard leads Tanium’s security product marketing and go-to-market efforts. Jennifer joined Tanium in 2016 and her focus is on developing content, driving pipeline, working with security partners and enabling sales teams. Previously, Ms. Ellard was at Hewlett-Packard and Symantec leading product marketing and partner marketing teams. Jennifer’s education includes a Bachelor’s degree in Marketing from University of Alabama in Huntsville and Masters in Business Administration from Santa Clara University.