-- Missing third-party agents
-- Unauthorized peer-to-peer applications
-- Microsoft products missing recent service packs or hotfixes
-- Antivirus problems, meaning the antivirus was disabled, missing, or
not updated for the latest version
"It's increasingly difficult for IT staff to get full visibility of the
endpoints," said Robin Mayo, President of US Operations of Promisec. "Today
many endpoints are running 5 or 6 agents for standards compliance or to
meet security standards. It's no surprise that in many organizations, more
than 20% of endpoints are missing or have misconfigured one or several of
those agents."
The report covers the trends and incidence of the following threats to
corporate networks:
-- Missing third-party agents, such as encryption, personal firewall, and
other management and compliance tools.
-- Anti-virus problems, such as disabled or missing antivirus, or lack of
recent updates
-- Peer-to-peer applications
-- Missing Microsoft service packs and hotfixes
-- Dual connectivity through wireless and mobile networks
-- Existence of hacking software
-- Unmanaged workstations
-- Unauthorized Virtual Machine software use
-- Unauthorized USB and PDA use
"Today, users and applications are sophisticated," said Hilik Kotler,
Promisec Co-Founder and EVP Business Development. "Users can easily bypass
security enforcement mechanisms by using unauthorized devices, installing
unauthorized applications, and disabling required updates or security
maintenance tasks. Most of this behavior isn't malicious, but it poses
serious threats to corporate networks. Our inspection was able to identify
this behavior, where client-based solutions tend to fall short."
According to the report, all organizations were at risk with problems
involving employee misconduct and technical errors on the endpoints. No
organization showed a clean bill of health.
Promisec's annual study aims to reveal serious problems that persist at the
endpoint level of enterprises and other organizations. The company's
research has provided CIOs with unprecedented visibility inside their
networks. The full report is available at
http://www.promisec.com/security_audit_report.html.
Promisec offers a free security and compliance audit to qualifying
organizations. To apply for a free audit, visit
http://www.promisec.com/free_audit_request.html.
About Promisec
Promisec, Inc. delivers Clientless Endpoint Management (CEM) software
solutions that eliminate threats and optimize corporate internal networks
with unprecedented visibility and control over the endpoints. Promisec's
patented technology allows IT managers to identify and resolve security,
compliance and policy issues in a matter of minutes, without making any
changes to the network or endpoints.
Founded in 2004 by former military intelligence experts, Promisec's
management team brings broad high-level executive experience in the network
security industry.
Promisec is a privately held company with headquarters in Israel and
offices in New York, Tokyo and Paris. Our customers include Forbes Global
2000 companies and other organizations in the manufacturing and service
industries as well as government and health care institutions.
For more information, see www.promisec.com.
Contact Information: Contact Rebecca Rachmany rebecca.rachmany@promisec.com US Phone: 1 (212) 743-9921 International: +972-54-6678863 55 Broad Street, Suite 20C, New York, NY 10004 Rebecca Porter Rainier Communications rporter@rainierco.com Phone: 1-508-475-0025 x114 1700 West Park Drive, Suite 190, Westborough, MA 01581
