Study: Endpoint Security Gaps Leave Organizations Vulnerable

  • May 01, 2007

Promisec Ltd. recently revealed findings from audits performed at 30 large organizations covering 193,000 corporate endpoints. The results from the findings indicate the prevalence of unauthorized software, rogue processes and endpoint security gaps have the potential for significant security issues at the nation's largest organizations.

Findings of the Promisec summary audit conducted over the last twelve months revealed 25,090 (13 percent) of the corporate PCs surveyed had unauthorized USB devices attached, opening the door to data loss and the opportunity for USB-borne viruses and malware to enter the corporate network. 7720 (4 percent) of corporate PCs had peer-to-peer (P2P) applications installed. 2895 (1.5 percent) of the corporate PCs did not have the latest Microsoft service packs, and 3281 (1.7 percent) had anti-virus monitoring and remediation issues. 2316 (1.2 percent) of the 193,000 audited endpoints were without required third-party desktop security agents. Finally, 1582 (0.8 percent) of endpoints had unauthorized remote control software, and a lesser percentage had unauthorized and unprotected shareware.

As revealed in these findings, data loss and illegal software introductions are the two largest threats, driven by the unauthorized connection of USB-attached mass storage devices.

"Organizations are becoming more adept at identifying security threats to their external networks, but internal network security issues represent a substantial problem for businesses challenged with preventing loss of corporate IP and the infiltration of their networks by malware inadvertently introduced by employees and business partners," said Amir Kotler, CEO of Promisec. "The answer to this problem is first understanding the magnitude of it. The loss of internal financial data, customer lists and proprietary product details can be devastating while the introduction of malware can significantly slow down business efficiency -- all of which can be prevented by implementing a strong endpoint security strategy."

Featured

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

  • Improve Incident Response With Intelligent Cloud Video Surveillance

    Video surveillance is a vital part of business security, helping institutions protect against everyday threats for increased employee, customer, and student safety. However, many outdated surveillance solutions lack the ability to offer immediate insights into critical incidents. This slows down investigations and limits how effectively teams can respond to situations, creating greater risks for the organization. Read Now

Most   Popular

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.