Endpoint security holes an open door for attackers

June 23, 2008 – 11:09 AM

Everyone knows that there’s no such thing as 100% security, but it’s unlikely that most businesses realize how insecure they really are. New research on endpoint security shows just how vulnerable corporate networks are.

Eighty-one percent of corporate endpoints probed by IT security and control product vendor Sophos failed basic security tests: They either lacked Microsoft security patches, their client firewalls were disabled, or they missed endpoint security software updates.

For 40 days, Sophos ran its Endpoint Assessment Test, a free online scanning service that checks for endpoint security vulnerabilities. The Endpoint Assessment Test was performed against 583 corporate endpoints from around the world. North America represented 39% of the sample base, while the U.K. made up 36%, and Australia and Germany were 11% and nine percent respectively (5% were from other countries).

Test results showed that 63% were missing at least one Microsoft security patch; more than half (51%) of endpoints tested had their client firewalls disabled, and 15% had out-of-date or disabled endpoint security software.

Read the rest of the story…

You must be logged in to post a comment.