In today's digital-first world, the integrity and security of our applications and our networks are of utmost importance. However, alarming new data reveals significant vulnerabilities that, if ignored, could lead to catastrophic consequences for enterprises.
All too often, application health is an overlooked and underestimated component of the cyber resilience puzzle. Over the past decade, cybersecurity spending has skyrocketed, with many billions being invested each year in adding new security capabilities to prevent attacks. Despite these investments, breaches continue to occur in record numbers and with increasing sophistication. This is in part because, with the introduction of each new capability, we also introduced a new layer of complexity at the endpoint, and that in turn undermines the health of the applications deployed to protect our devices, data, and users.
To fully understand this problem, we need hard data. Absolute's Persistence technology is embedded in the firmware of more than 600 million endpoints worldwide. When enabled, it provides customers with valuable telemetry about their endpoints and the applications installed on them. Consequently, we can offer a distinctive perspective on device health, commonly used security and business applications, and network connections.
To shed light on the complexity and the vulnerabilities faced, we recently analysed data from thousands of our customers, covering nearly five million Absolute-enabled endpoints. The results, which we discuss below, highlight why we need robust tools that are capable of strengthening both endpoint and network resilience.
Let's dig into this data and look at the details:
Delayed Patching
Enterprise Windows 10 devices lag by an average of 63 days in patching. This essentially means that for over two months, these devices are exposed to known vulnerabilities that can be exploited by malicious entities. Most security teams know that patching is a key control for maintaining security, but many of those teams don't know just how badly out of-date their systems are.
Overburdened by Security Apps
With an average of more than 11 security applications installed on enterprise devices, one might assume they are well-protected. Unfortunately, as mentioned earlier, a surplus of security tools can result in overlaps, conflicts, and eventual decay, potentially creating gaps in defence mechanisms.
Vulnerable Remote Access Tools
With the rise of remote work, secure remote access tools are more critical than ever. However, a staggering one in four devices have an unhealthy remote access tool, either not installed correctly, with broken configuration or with stopped processes. This lack of network security poses risks not only to your data but to the endpoint device itself.
Encryption Concerns
An alarming 17% of active enterprise devices over a 30-day period lack full encryption. Dive deeper into the data, and the concern magnifies: 15% of these unencrypted devices contain sensitive data, such as PII or PHI. This means that one in six unencrypted enterprise devices could be a goldmine for cybercriminals. Having encryption enabled is often a legally required control, and failure to prove its activation can expose an organisation to liability. Unfortunately, encryption controls frequently fall out of compliance.
Sensitive Data on the Move
Data is the lifeblood of enterprises, so protecting it is paramount. Nonetheless, 75% of enterprise laptops store sensitive data, and 19% contain high volumes (500+ instances). The vulnerability of this data is further exacerbated when we consider encryption or the lack thereof. These numbers paint a clear and concerning picture. The complexity and fragility of endpoint security controls mean that, despite all the money organisations invest to make their endpoints secure, their devices fall short of the desired level of protection.
What's the way forward? Enter resilience and self-healing applications.
Self-healing applications are designed to automatically detect and rectify faults or vulnerabilities, reducing the need for human intervention. In light of our data, such applications can autonomously identify and address vulnerabilities, whether they result from delayed patches, conflicts between endpoint apps, or tampering from negligent or malicious users. Absolute Application Resilience not only collects telemetry data about your endpoints' health but also provides the capability to automatically restart, repair, or reinstall non-compliant applications.
Over the past 90 days, our Application Resilience has performed millions of repair actions, averaging more than 1.5 repairs per endpoint each month. To provide context for businesses, if you have 1,000 users, we're performing a repair roughly every 30 minutes. The frequency and diversity of automated repairs highlight the extent of health issues within mission-critical endpoint tools and the positive impact automation can have in remediating these issues.
In a continuing era of complex and widespread cyber threats, being reactive is not sufficient. Enterprises must adopt a proactive approach, incorporating forward-thinking solutions like self-healing applications and ensuring their devices can withstand, adapt to, and recover quickly from threats.
Only by embracing resilience can we safeguard our digital future.