Most, 80pc of IT professionals have had to make a patch management policy to improve endpoint security due to the increase in ransomware and malware; according to a survey on the main endpoint security challenges faced by IT, by the cyber product company Ivanti. That 80pc is equal to the result from the 2016 survey (80pc) suggesting the WannaCry and NotPetya malware attacks have had a limited impact on the implementation of IT updates. More than 130 IT people at the cloud and digital infrastructure event VMworld Europe 2017 in Barcelona took part in the survey.
Most, 72pc of those IT people believe that the Microsoft OS represents the most consistent patching challenge for their organisation. As well as this, for 54.6pc of respondents, Java is the most problematic third-party application. Most, 70pc of IT professionals do not have complete visibility into their IT systems or do not know if they have the right tools so as to gain visibility into their IT systems. A few, 13pc of organisations allow employees to have administrator rights, which increases the risk of vulnerabilities and provides a greater foothold for malware that manages to get through existing cybersecurity infrastructure. It is promising that this result has decreased significantly from last year’s figure of 55pc. And about a third, 32pc of organisations use whitelisting and blacklisting to protect against the execution of unauthorised applications in their environments.
About a quarter (24pc) of respondents complete necessary security updates in less than a week, but almost half (49pc) take more than two weeks, and 20pc take more than a month to complete updates. It is important to note as well that, last year, two thirds of respondents said patch management took them more than 8 hours a week, so it is clearly a time consuming process for most organisations.
The most commonly used tools to minimise IT risk are those that remove administrator privileges for users (45pc), followed by whitelisting (32pc) and blacklisting (32pc).
In 36pc of companies surveyed, users aren’t given any administrator rights; and 39pc of companies have implemented tools or policies for managing administrator rights. Tools that provide Just In Time (JIT) administration (14pc) and Just Enough Administration (JEA) (5pc) are far less common. JIT and JEA are essential to IT security, Ivanti says, because they provide users with privileges they need without giving them privileges that could threaten the company’s security – thereby providing a balance between efficiency and risk. Companies seem to have understood this to an extent: only a minority (13pc) now give administrator rights to all users – a sharp drop from last year (55pc).
Only one-third (30pc) of businesses have full visibility into their IT (physical, virtual, online, offline). And while almost half (46pc) have partial visibility, 18pc have no visibility or reporting capabilities at all. In comparison, just over half (55pc) of respondents felt that they had sufficient visibility into their IT environment in 2016.
Simon Townsend, Chief Technologist at Ivanti, said: “This study suggests that while organisations may have taken certain strides towards increased endpoint security in the wake of 2017’s devastating attacks, patching quickly and comprehensively, and demonstrating compliance with company policies, is still not a priority for many companies. However, we can see that awareness of the importance of IT security has increased, and I have high hopes that this will translate into the implementation of better policies and more robust solutions next year.”
