Endpoint security holes an open door for attackersJune 23, 2008 – 11:09 AM
Everyone knows that there’s no such thing as 100% security, but it’s unlikely that most businesses realize how insecure they really are. New research on endpoint security shows just how vulnerable corporate networks are.
Eighty-one percent of corporate endpoints probed by IT security and control product vendor Sophos failed basic security tests: They either lacked Microsoft security patches, their client firewalls were disabled, or they missed endpoint security software updates.
For 40 days, Sophos ran its Endpoint Assessment Test, a free online scanning service that checks for endpoint security vulnerabilities. The Endpoint Assessment Test was performed against 583 corporate endpoints from around the world. North America represented 39% of the sample base, while the U.K. made up 36%, and Australia and Germany were 11% and nine percent respectively (5% were from other countries).
Test results showed that 63% were missing at least one Microsoft security patch; more than half (51%) of endpoints tested had their client firewalls disabled, and 15% had out-of-date or disabled endpoint security software.