End point security which is a key component in the information security defences of organisations, is being totally overlooked by a significant number of organisations, according to a survey released today by Secure Computing Corporation.
A fifth of organisations do not have any form of end point security which means that their corporate networks and data are potentially exposed to hackers and criminals who can access sensitive information from unprotected access points.
In addition 49% of organisations do not even use desktop firewalls for end point security, this is the most basic and fundamental level of security that should be deployed to prevent unauthorised access to sensitive information.
Protecting the operating system by ensuring it has the latest available patches installed is a further area that needs improvement with over a third (37%) of organisations not keeping their operating systems up-to-date.
Anti virus software which is one of the most fundamental IT security defences is not used at the end points of 20% of organisations, which is a shocking statistic given that the survey was carried out amongst 227 information security professionals at Infosecurity Europe 2006.
The survey questioned further on views about identity and access management, 46% of organisations are very exposed as they are still only using passwords, 40% are now using hardware tokens, 10% are using smartcards and 5% biometrics, a few organisations (2%) are not using any access control. Nearly four out of ten (38%) security experts believe that two-factor authentication is now the solution to phishing and identity theft. It is well known that hackers use many effective tools to compromise users’ passwords. Such tools include sniffing, brute force attacks, dictionary attacks, personal information gathering, and social engineering (sneaky efforts to get someone to reveal their password). Hackers install keystroke-grabber software on public Internet terminals. Network sniffers steal passwords over wireless networks. Using these attacks, a password is just as vulnerable if it’s “johndoe” or “gIw$H1#5W.”
A third of respondents believe it takes at least 24 hours for a signature to be developed to protect against an exploit after it appears in the wild and a further 17% believe it takes a week. Hence the need for ‘zero hour’ defences that protects a network against unknown threats. Only 16% thought that it took an hour and 17% thought that it takes two hours. The majority of people (70%) do not believe that signature based security is sufficient in itself to protect an organisation. Unknown attacks are quickly becoming the next great information security challenge for today’s organizations. In the first half of 2005, over 10,800 new virus and worm variants were identified for the Win32 platform alone, representing an increase of 48% over the prior six-month period. As the window of time between the disclosure of a new vulnerability and the emergence of unique threats that operate against it continues to diminish, so does the effectiveness of many conventional countermeasures, including patch management.
“This survey has revealed that organisations still have a lot of work ahead of them to secure their information. Identity and access management is key to ensuring that people only have access to the information that they need and are authorised to use”, said Andy Philpott, Vice President, Secure Computing, EMEA. Philpott continued, “Identity and access management, Threat Management and Content Security Management, are essential to protect sensitive data held in trust by organisations and prevent identity theft. For an organisation to be secure in the current environment of increased cyber-crime, it must create a culture of security awareness in the people who have access to data. A security culture should be based on a strong security policy underpinned by ‘ease-of-use’ proven technology that protects against both known and unknown threats.”