June 10, 2016 By David Strom 2 min read

Two different surveys have been published in the past several months looking at the state of endpoint security, with particular respect to the mobile endpoint. The surveys mostly agree and cover the usual security chestnuts, but both have some interesting and unexpected results, too.

Looking Ahead With Endpoints

The first is an IBM-sponsored study titled “Can We Say Next-Gen Yet? State of Endpoint Security — A SANS Survey” and comes from the SANS Institute. It stated, “The understanding of what constitutes an endpoint is changing rapidly as the network perimeter is dissolving … [and] a wider variety of devices is being connected to the network.”

This is especially the case thanks to the mobile endpoint, which is changing the landscape of mobility and connectivity in the enterprise. Interestingly, the survey found retailers aren’t the only ones using point-of-sale (POS) devices — they’re becoming prevalent in other types of organizations as well. Additionally, 9 percent of the respondents have connected wearable devices to their enterprise networks.

Also interesting is that POS systems and wearables are more likely to be covered by security vulnerability management programs — even more likely than network-connected printers, which have been around for decades.

Sadly, printers are often used as entry points by cybercriminals. The SANS report strongly recommended that organizations take a closer look at their printer fleet and include them in their vulnerability management initiatives in the near future.

The Mobile Endpoint Brings Several Challenges

The second survey is the “2016 State of the Endpoint Report,” published by the Ponemon Institute and sponsored by CounterTack. It found that 60 percent of respondents said it was more difficult to manage endpoint risk in the past 24 months because of increased focus on the mobile endpoint by malware.

One issue is that the majority of IT departments feel they don’t have sufficient resources to protect their networks: Only 36 percent of respondents in this year’s study feel that they have ample budget and staff to manage their endpoint security properly, while 71 percent stated their security policies are difficult to enforce.

Counterbalancing this is the fact that the endpoint as a security sensor is becoming more of an option for organizations. More than half of those surveyed by Ponemon indicated they are either doing this today or plan to do so in the next two years.

Both surveys found that companies are being more proactive in finding breaches: SANS reported 21 percent of this year’s respondents have detected compromised systems ahead of any alarms or other indications, compared to 16 percent last year. The notion of hunting for exploits ahead of time is certainly catching on.

Finally, SANS suggested that IT should “involve all stakeholders whenever making decisions about endpoint management. The evolution of endpoints means that processes for managing them will also evolve” — pretty sage advice.

Read the complete SANS Survey on the State of Endpoint Security

More from Endpoint

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today