Building Your Cyber Resiliency and Endpoint Security Posture

Why endpoint management remains a foundational component of any IT and security team’s enterprise device strategy to minimise risk.

Promoted by Absolute
Fri, 28 Oct 2022
As the only security provider embedded in the firmware of more than 600 million devices, our unique position enables us to see a more complete picture and use our single-source-of-truth intelligence to empower IT and security teams to eliminate potential blind spots and minimise their risk exposure.

With the continued adoption of “work-from-anywhere”, and with ransomware attacks on the rise and more prevalent, sophisticated, and capable of disruption than ever before, organisations must bolster their preparedness and recovery efforts to extend to all their endpoint devices. That’s why endpoint management remains a foundational component of any IT team’s enterprise device strategy.

Forrester recently released a report titled “The Future of Endpoint Management”, identifying the key trends that will drive evolution in the endpoint management market. These trends result in an improved employee experience, increased operational efficiency, and a reduced attack surface for organisations that practise them.

Forrester says there are six principles to ‘modern endpoint management’: unified; cloud-centric; self-service enabled; context-aware; automated; and analytics-driven. Leveraging them puts the focus squarely on the end-user experience, allowing the hybrid workforce to work from anywhere. While there have been improvements and steps taken towards achieving these principles, Forrester acknowledges that endpoint management as a practice faces challenges such as high cost, lack of tie-in with security, and poor employee privacy. To combat these difficulties, the report advises professionals to take note of innovative trends taking hold in the market, such as self-healing.

Any enterprise endpoint can only be dependable if it functions as intended and without disruption. Employees can intentionally or unintentionally undermine their endpoints, for example by installing unsupported third-party applications or becoming the victim of phishing attacks. There are plenty of malicious threat actors exploiting human error to disable existing security applications on enterprise devices. To remediate such compromises, a self-healing solution ensures vital applications are monitored for tampering, degradation, and failure, so that automation can be employed to repair or even reinstall the problematic or missing app.

Self-healing can exist on three levels: the application, the operating system, and within the firmware. Forrester notes that Absolute is among the “firmware-based tools that ship embedded within the device and ensures that everything running on the device works correctly, e.g., endpoint agents, VPNs, and software. This remains persistent even if admins reimage or replace the hard drive.”

Our Secure Endpoint solutions take advantage of patented Absolute Persistence technology that is embedded in over half a billion devices through our partnership with close to 30 system manufacturers. Once activated, it is fiercely resilient and can survive attempts to disable it, even if the device is re-imaged, the hard drive is replaced, or the firmware is flashed.

We can extend this undeletable line of defence of self-healing via our Application Resilience capabilities to a broad range of mission-critical applications, such as anti-malware, encryption, UEM, VPN, and ZTNA, which are running on the endpoint. In turn, customers can assure their applications remain installed, healthy, and effective to counteract human error, malicious actions, software collisions, and normal decay.

By leveraging millions of anonymised data points adapted from our global customer base, we report on insights into device and application health, device mobility, sensitive data exposure, and more, with detailed views by vertical, region, and company size.

Over a recent 2-week period, we analysed anonymised data from various subsets of more than 14 million Absolute-enabled devices, active across nearly 18,000 global customers. We also sourced data and information from trusted third-party sources. Many of the devices were running Windows 10, and although we saw a slight uptick in Windows 11 adoption in enterprise, in education we find more Chrome OS devices.

We find the average Windows 10 device is 59 days behind on patching, with government and professional services reporting the longest delays (83 and 75 days). When we add education, the lag gets even more severe with devices 115 days behind, on average. If we look at the total number of vulnerabilities addressed on Patch Tuesday in July and August, these devices were susceptible to more than 200 vulnerabilities that have a fix available, including 21 deemed critical and one already being exploited.

Although every endpoint represents a potential target for cybercriminals, those containing sensitive data, such as PII and PHI, pose a more serious threat. And with widely distributed, highly mobile users now connecting to systems and data from off-network locations, the likelihood of storing data locally increases, and with it, so does the potential attack surface. Our analysis found 76% of enterprise devices contained sensitive data, on average, with financial services showing the highest proportion of devices with sensitive data stored (84%).

While any endpoint device presents a substantial risk, this risk multiplies exponentially if it is used in multiple locations outside of an office or school and connects to potentially insecure networks. We found professional services, government, and retail devices to be the most mobile, connecting from more than four separate locations on average. We also observed devices in EMEA and APJ to have connected from more locations than those in North America and LATAM.

An enterprise’s security posture is only as strong as the applications that support it, and left unchecked, every security control deployed on the endpoint can be a potential attack vector. We found that widely deployed, and critically important, security applications, including UEM, EDR, and VPNs, are working effectively on less than 80% of devices in most cases, sometimes as low as 35%. Further, more than 95% of devices with resilient, self-healing capabilities enabled reported healthy security applications, as much as 60% higher than those without.

When it comes to Zero Trust, a solution that can self-heal is the perfect way to ensure your employees, working from anywhere, remain secure and protected.
