Endpoint security non existent at 50% of organisations

Half of respondents to a Twitter poll carried out by Osirium Technologies described their organisation’s endpoint management security as ‘non-existent’

Half of respondents to a recent Twitter poll carried out by Osirium Technologies, a UK-based vendor of Privileged Access Security (PAS) solutions, describe their organisation’s endpoint management security as ‘non-existent’. One in 10 (11%) admit that it’s their lowest priority.  

Of those that have implemented or are in the process of implementing an endpoint security strategy, 16% describe themselves as ‘all over it’ while a quarter (24%) say it’s a work in progress. When asked about the main factors driving their organisation’s need for endpoint security, protecting business data (35%) and avoiding employee error (25%) came out on top. However, for one fifth of respondents (21%) it’s simply ‘a tick-box exercise’.  

Endpoint management security 

Endpoint management allows IT teams to identify, monitor and control end-users’ access to corporate networks and systems. This protects data from being exposed to a breach through employee mistakes that allow malware or ransomware to be installed, for example, and the abuse of local admin accounts by cyber-attackers. It also adds a layer of protection if devices lack the necessary security tools or configurations to defend against attacks.  

A key part of endpoint security is the removal of local administrator rights from users, controlling how they connect to systems. However, many respondents are concerned about the impact this will have on the business. 

More than a third (36%) say the biggest challenge with removing local admin permissions is that it would upset users. A quarter (25%) believe it would increase workloads, and a further 21% are worried that it would hinder productivity, with employees finding themselves unable to carry out tasks, and the IT helpdesk inundated with requests for simple actions such as software installations. Only 18% are worried about the technology side of things, citing complexity of endpoint security solutions as the biggest challenge. 

Many respondents (41%) don’t know how their organisation tracks local admin accounts. The majority of those that do so use manual systems – 21% paper-based logs and 23% spreadsheets – which can be laborious and unreliable. Only 15% have an endpoint management system (EPM).  

It appears that respondents are under no illusion that their existing endpoint security approach is suboptimal. Only half (49%) are confident that it will present abuse of local admin access, with more than a third (35%) having no confidence at all.  

David Guyatt, Chief Executive Officer of Osirium said: “A lack of awareness of the importance of securing endpoints, and how best to do it, is leaving organisations open to attack. The responses to our poll suggest that for a significant proportion endpoint management is not even on their radar. This appears largely to boil down to worries over the impact that removing local admin rights will have on the business, and this reflects what we’re hearing from our customers.  

“The solution is endpoint privilege management, which switches focus from elevating users’ access privileges to allowing elevated privileges for specific processes and applications, and only for as long as the user needs them. This reduces the attack surface without employees having to change the way they work, or getting frustrated waiting for permissions to be granted.” 

Attracting 1,663 responses, the Osirium Technologies Twitter poll was conducted during the week of 25 July 2022. 


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI