Promisec Ltd has published a series of findings from audits performed at 30 large organisations covering 193,000 corporate endpoints. The results from these findings indicate the prevalence of unauthorised software, rogue processes and endpoint security gaps that have the potential for significant security issues at the nations largest organisations.
The audit revealed that
- 25,090 (13 per cent) of the corporate PCs surveyed had unauthorised USB devices attached to them, opening the door to data loss and the opportunity for USB-bourne viruses and malware to enter the corporate network
- 7,720 (4 per cent) of corporate PCs had peer-to-peer (P2P) applications installed
- 2895 (1.5 per cent) of the corporate PCs did not have the latest Microsoft service packs
- 3,281 (1.7 per cent) had anti-virus monitoring and remediation issues
- 2,316 (1.2 per cent) of the 193,000 audited endpoints were without required third party desktop security agents, and
- 1582 (0.8 per cent) of endpoints had unauthorised remote control software, and a lesser percentage had unauthorised and unprotected shareware.
Promisec Ltd. regularly conducts comprehensive security audits at potential customer sites to identify the prime threats to internal network security, originating at endpoints enterprise-wide. The audit takes less than an hour after implementation of Promisec Spectator Professional, installed on a single enterprise workstation. The software's ability to perform discovery and provide reporting across all corporate networks produces a detailed synopsis of processes, devices and other activities on the network which may be outside of corporate policy, revealing the current state of internal network security. As revealed in these findings, data loss and illegal software introductions are the two largest threats, driven by the unauthorised connection of USB-attached mass storage devices.
Related links: (Open in a new window.)
www.promisec.com
View printable version (opens in new window)
Back
