New research challenges misconceptions about the security of our endpoint devices.
The only thing worse than no security is a false sense of security. While there are few, if any, enterprise organizations that have no endpoint security in place, a recent study by Absolute identified a serious cause for concern: the fundamental endpoint security tools in which so much faith is placed fail us regularly.
The research studied more than six million devices over a one-year period and examined one billion change events to see how security solutions performed — or failed to perform — during that time frame. The findings were staggering and categorically discredit some long-held myths about the state of endpoint security.
Myth #1: More third-party security tools result in more secure devices
Our research found that devices have an average of 10 endpoint security agents installed.
On the devices we examined, more security tools did not equate to more secure devices. Paradoxically, the complexity introduced by multiple agents actually leaves organizations more vulnerable to attack. When it comes to endpoint security, the more dangerous outcome is not too little technology, but too much.
For example, we identified more than one AV/AM agent per device on the majority of devices studied (1.2 AV/AM agents per endpoint). The likelihood that these agents will conflict and collide with one another is high as they compete for device services and resources and create blind spots for security teams.
It’s clear that access to endpoint security solutions is not a problem — most organizations have sufficient budget to cover the costs. The real problem organizations face is in ensuring that these controls remain in place and are functioning correctly at all times.
If basic visibility, control, and resilience measures are not in place, adding more security tools to already bloated devices will only exacerbate the problem.
Myth #2: Only a negligible subset of your device population is unprotected at any one time
- 100 percent of your devices will experience encryption failure within one year. Encryption is often considered the principal endpoint data security solution. And while it is necessary, it requires persistent controls and continuous maintenance to ensure it’s operating effectively. Our study found that encryption is regularly broken, disabled, misconfigured, or missing entirely. At any given point in time, over 42 percent of endpoints had an encryption failure and 100 percent of devices experienced encryption failure within one year. Encryption recovery times are equally concerning: the average window of vulnerability for unencrypted devices was 12 days, but 30 percent of devices remained unencrypted for more than 60 days.
- Your CMT tools break frequently. Client management and patching tools fail regularly. This is astounding since these agents are in place to ensure patch management is effective. However, almost 20 percent of endpoints required at least one client/patch management repair monthly. Of those patching agents requiring repair, 75 percent reported at least two repair events and 50 percent reported three or more repair events.
- 28 percent of your devices have missing or outdated AV/AM tools. AV/AM is endpoint security 101. However, our analysis revealed that, at any point in time, 21 percent of AV/AM solutions are outdated and 7 percent are missing altogether. In other words, 28 percent of all endpoints are unprotected on any given day.
Myth #3: More budget for advanced endpoint security technology is required
Security budgets continue to rise year over year in an effort to mitigate the ever-increasing data security risks. The global spend on IT security is predicted to total $128 billion by next year. However, our research indicates that this spending could be in vain. As much as 40 percent of endpoint security spend is squandered on solutions that simply don’t work.
It is certainly important to keep pace with advances in endpoint security technology — but investing more money into exciting new technologies such as blockchain, artificial intelligence, and machine learning is futile if the basics are not operating effectively.
The fact remains, the efficacy of any endpoint security tool diminishes significantly over time — unless those tools are deliberately controlled to improve their resilience.
Key Takeaway from 2019 Endpoint Security Trends Report: Strengthen Existing Security Solutions
Our analysis doesn’t mean that existing security tools are useless — they just need a watchdog to ensure they remain resilient.
Absolute’s technology is embedded in the firmware of more than 70 percent of the world’s endpoint devices. Because it’s the only embedded security solution, it is the only cloud-based platform that maintains a persistent connection to devices, regardless of user behavior or device performance.
This persistent connection enables IT and security professionals to keep a close eye on existing security controls to ensure they’re always performing as they should. It helps you unlock the value of your existing investments while enabling you to feel secure in the knowledge that your devices are protected — and if they’re not, you have controls in place to either fix them or lock them down.
Interested in taking a deeper dive into the state of endpoint security? Read the full report: 2019 Endpoint Security Trends Report.