Beruflich Dokumente
Kultur Dokumente
Executive Summary
The number of threats to corporate internal networks has grown
disproportionate to the technical resources and capacity of enterprises to
properly addresses these threats. This report shows a breakdown of the
threats faced in organizations, identifying the most common threats, and
describing the different types of threats. According to analysts such as
IDC and Gartner, 90% of security threats are accidental. It’s also been
estimated that 80% of security threats originate within the organization.
15% of endpoints did not have the latest Microsoft service packs or
hotfixes
15% of endpoints had antivirus problems, meaning the antivirus was
Missing hotfixes
Misconfigured Antivirus and third-party agents
Power settings
The following table summarizes the findings compared to 2008 and 2007.
As shown, all threats are on the rise, with major jumps in the number of
missing agents, sharing and hotfixes.
Third-Party Agents
From 2008 to 2009, the results show a dramatic increase in missing third
party agents. As IT departments are getting more sophisticated, our
audits have been tracking a larger number of agents, such that this
year’s numbers provide a better representation of reality than previous
audits. Third-party agents are used for regulatory compliance, patch
updating, encryption, personal firewalls, etc. A workstation may have 5-6
different agents that should be running. The results of this year’s report
show how much of a challenge it is for IT to manage those agents.
The network complexity and the lack of administrator visibility mean that
IT departments are missing some of the dangerous activities of some of
the users. Savvy and technically-minded workers turn learn to uninstall
or disable endpoint security management agents they perceive as
disrupting their workflow. With or without malicious intent, end-users can
tamper with agents on their computers. This poses a threat to the
compliance and security posture of a corporate network.
Instant messaging use rises year to year, and companies are becoming
tolerant of the use of such programs. Typically, organizations have
authorized and unauthorized IM applications. Windows Live Messenger
is usually not considered a threat, for example. On the other hand,
applications like Skype and Digsby, which can use computer and system
resources would typically be outside the permissible use policy of many
companies.
Unmanaged Machines
All desktops, laptops and servers inside a corporate network need to be
a part of a “domain” or “workgroup” where they can be managed. In
other words, the administrator has access and can ensure that the
endpoint complies with company policy. Unmanaged computers can be
tricky to even identify on the network, without a tool such as Promisec
provides. In most networks, inspections found 2-3% of computers in the
network were unmanaged.
File Sharing
Today, file sharing has become common practice at the office.
Employees are using corporate issued computers to access shared
documents, audio and video files. Through carelessness, ignorance or
lack of oversight, this practice exposes network infrastructures to
tremendous risk. However, with the appropriate controls and monitoring
in place, organizations can protect themselves from costly personal or
corporate data theft.
Conclusion
Promisec’s annual study seeks to reveal serious yet resolvable problems
that persist at the endpoint level of enterprises and other organizations.
The company’s research has provided CIO’s with an unprecedented
glimpse inside their networks.
With new levels of visibility and control over the endpoints, organizations
have adopted Promisec CEM technology, dramatically improving their
endpoint management capabilities and eliminating costly risks to the
health of their businesses.
®
About Promisec
Promisec, Inc. provides clientless endpoint management (CEM) software solutions that give corporate IT administrators
unprecedented visibility, speed and control over internal network endpoints, in-depth real-time intelligence to identify
threats, and the tools to neutralize them. The company's products, Promisec Spectator® and Promisec INNERspaceTM,
are used by a wide range of SMBs and Global 2000 organizations. With 24/7 or on-demand clientless monitoring, compli-
ance and remediation, Promisec protects against business disruption caused by internal network threats while optimizing IT
operations and enabling organizations to confidently place trust in their most important assets - their people. Founded in
2004, Promisec's headquarters are located in Israel with offices in New York and Paris.
For
More Information
USA 2009 Red Herring 100 Award Win-
ner honoring Promisec as “one of
Promisec USA
the top 100 most promising tech
Promisec companies.”
55 Broad Street, Suite 20C
New York, NY 10004
Tel: +1 (212) 743-9916
Fax: +1 (212) 889-3213
Email: sales@promisec.com
Internet: www.promisec.com
Copyright® Promisec 2009. All Rights Reserved.
All technical specifications are subject to change.