Failure is inevitable with endpoint security tools. In fact, the 2019 Global Endpoint Security Trends Report conducted by Absolute Software reached the conclusion that 100% of devices will experience an encryption failure within one year and that median time-to-failure can happen as little as six hours.
Karen Schwartz filed this report for ITProToday:
“If we define failure as ‘unable to detect an ongoing attack,’ then the attacker may be able to steal local data from that endpoint and set an initial foothold in the organization. It will be up to the rest of the security architecture to detect it, which is more difficult but certainly not impossible,” said Fernando Montenegro, a senior analyst at 451 Research. “If we define failure as ‘interruption of service,’ then a failed endpoint may lead to loss of productivity, as an example.”
According to the report, one of the reasons for this failure is that most organizations have too much complexity at their endpoints, with 10 or more endpoint security agents installed. Too many tools make the environment difficult to test and protect properly. The report found that 28% of endpoints have missing or outdated endpoint protection tools. All of this complexity increases the odds that agents will conflict and decay, the report concluded.
The report also found that endpoint controls degrade over time, due to issues like malfunctions, misconfiguration or somehow becoming disabled. The report found that more than 42% of endpoints experience encryption failures at any point in time, rendering endpoints unprotected. It also found that 2% of encryption agents fail every week, with an 8% failure every 30 days and 100% within one year.
On average, the median time-to-failure for encryption across all devices is just 12 days, the report said, but can happen in as little as six hours. It also found encryption recovery times to be too lengthy, leading to an average window of vulnerability for unencrypted devices of 12 days. Thirty percent of devices remain unencrypted for more than 60 days, the report concluded.
Finally, the report found that client management and patching tools break often. According to the report, 19% of endpoints must be patched or repaired monthly. And, of patching agents that need repair, 50 percent must be repaired at least three times.
