Skip to main content

A massive number of enterprise devices suffer security deficiencies

(Image credit: Shutterstock / Golden Sikorka)

A quarter of all enterprise devices have poor security configurations, leaving sensitive data up for grabs, a new report from Absolute Software claims. The Endpoint Risk Report says these devices contain “unhealthy or ineffective” security applications such as encryption, antivirus (opens in new tab), or VPN (opens in new tab) solutions.

Other major problems include the number of security controls, as well as their functions. The number rose to eleven per enterprise device, many of which have the same functions. Almost two-thirds have two or more encryption applications installed, while more than half had at least three endpoint management solutions.

The operating system is another liability; the average device running Windows 10 was 80 days behind in patching, while almost half (40 percent) of Windows 10 (opens in new tab) enterprise devices run the 1909 version, which has more than 1,000 vulnerabilities.

“The trends in this year’s report — unaddressed vulnerabilities, unprotected data, and failing security controls – are clear indicators that it is time for organizations to put rigor around ensuring the endpoint security tools they’ve invested in are effectively protecting their valuable, and vulnerable, corporate devices and data,” said Christy Wyatt, President and CEO of Absolute.

“And, the findings underscore the critical need for resilient endpoints and applications in the evolving ‘work from anywhere’ era. The ability to identify and mitigate risk is dependent on having the ability to monitor the state of every device and application, identify where things might be fragile or falling down, and autonomously heal them when needed.”

In the world of the “new normal”, where employees are scattered across the globe, cybercriminals are taking advantage of poor cyber hygiene. Removed from the relative safety of the corporate network, remote workers are low-hanging fruit for criminals looking to steal credentials, move into target networks, and plant ransomware or exfiltrate data.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.