Portal Home | IS News Menu | Portal Menu | ISB Menu | Main Content
Survey: 49 Per Cent Fail To Lock Down Devices
04 Jul 05:42

End point security which is a key component in the information security defences of organisations, is being totally overlooked by a significant number of organisations, according to a survey released by Secure Computing Corporation.

A fifth of organisations do not have any form of end point security which means that their corporate networks and data are potentially exposed to hackers and criminals who can access sensitive information from unprotected access points.

In addition 49 per cent of organisations do not even use desktop firewalls for end point security, this is the most basic and fundamental level of security that should be deployed to prevent unauthorised access to sensitive information.

Protecting the operating system by ensuring it has the latest available patches installed is a further area that needs improvement with over a third (37 per cent) of organisations not keeping their operating systems up-to-date.

Anti virus software which is one of the most fundamental IT security defences is not used at the end points of 20 per cent of organisations, which is a shocking statistic given that the survey was carried out amongst 227 information security professionals at Infosecurity Europe 2006.

The survey questioned further on views about identity and access management, 46 per cent of organisations are very exposed as they are still only using passwords, 40 per cent are now using hardware tokens, 10 per cent are using smartcards and 5 per cent biometrics, a few organisations (2 per cent) are not using any access control. Nearly four out of ten (38 per cent) security experts believe that two-factor authentication is now the solution to phishing and identity theft. It is well known that hackers use many effective tools to compromise users' passwords. Such tools include sniffing, brute force attacks, dictionary attacks, personal information gathering, and social engineering (sneaky efforts to get someone to reveal their password). Hackers install keystroke-grabber software on public Internet terminals. Network sniffers steal passwords over wireless networks. Using these attacks, a password is just as vulnerable if it's "johndoe" or "gIwH1
5W."

A third of respondents believe it takes at least 24 hours for a signature to be developed to protect against an exploit after it appears in the wild and a further 17 per cent believe it takes a week. Hence the need for zero hour defences that protects a network against unknown threats. Only 16 per cent thought that it took an hour and 17 per cent thought that it takes two hours. The majority of people (70 per cent) do not believe that signature based security is sufficient in itself to protect an organisation. Unknown attacks are quickly becoming the next great information security challenge for todays organizations. In the first half of 2005, over 10,800 new virus and worm variants were identified for the Win32 platform alone, representing an increase of 48 per cent over the prior six-month period. As the window of time between the disclosure of a new vulnerability and the emergence of unique threats that operate against it continues to diminish, so does the effectiveness of many conventional countermeasures, including patch management.

Another key issue in defeating hackers is to protect the applications themselves but with nearly half (46 per cent) of companies failing to keep their application patches up-to-date, it seems that organisations are not taking this threat seriously enough. When questioned on threat management a fifth of organisations do not have any Application Layer Security which is essential to protect valuable data and financial transactions and a further fifth do not even know if they have any Application Layer Security. According to Andrew Yeomans from the Jericho Forum, as business requirements drive us towards a de-perimeterised future, both application layer and end-point security become essential, since central protection is decreasing in effectiveness.

When questioned on what they considered to be the elements necessary for complete content security management, Anti virus (78 per cent) is judged to be the most the most important element closely followed by URL Filtering (75 per cent) and Anti Spam (74 per cent). Elements that are not considered to be as important to complete content security management are Content protection (59 per cent), IM Filtering (54 per cent), and SSL Scanning (53 per cent).

A firewall (11 per cent) is the most popular choice as the first line of defence against worms, malware, and phishing attacks, user education and awareness is the second choice at 9 per cent and Anti Virus is 8 per cent. The best form of defence that an organisation can put in place against worms, malware, and phishing attacks is a defence in depth approach which includes provision against both known and unknown forms of attack and incorporates best of breed solutions for content security management identity and access management threat management and data encryption. A security aware culture and user education also have an important part to play as technology can only go so far in defending organisations against hackers.

Related links: (Open in a new window.)
External link www.securecomputing.com

View Printable View printable version (opens in new window)
Back Back