Promisec™ Ltd, a technology leader in endpoint security management with the industry’s first agentless monitoring and remediation solution that supports layered internal security management, today revealed findings from audits performed at 30 large organizations covering 193,000 corporate endpoints. The results from these findings indicate the prevalence of unauthorized software, rogue processes and endpoint security gaps that have the potential for significant security issues at the nation’s largest organizations.
Findings of the Promisec summary audit conducted over the last twelve months revealed that 25,090 (13%) of the corporate PCs surveyed had unauthorized USB devices attached to them, opening the door to data loss and the opportunity for USB-borne viruses and malware to enter the corporate network. 7720 (4%) of corporate PCs had peer-to-peer (P2P) applications installed. 2895 (1.5%) of the corporate PCs did not have the latest Microsoft service packs and 3281 (1.7%) had anti-virus monitoring and remediation issues. 2316 (1.2%) of the 193,000 audited endpoints were without required 3rd party desktop security agents. Finally, 1582 (0.8%) of endpoints had unauthorized remote control software, and a lesser percentage had unauthorized and unprotected shareware.
Promisec Ltd. regularly conducts comprehensive security audits at potential customer sites to identify the prime threats to internal network security, originating at endpoints enterprise-wide. The audit takes less than an hour after implementation of Promisec Spectator Professional, installed on a single enterprise workstation. The software’s ability to perform discovery and provide reporting across all corporate networks produces a detailed synopsis of processes, devices and other activities on the network which may be outside of corporate policy, revealing the current state of internal network security. As revealed in these findings, data loss and illegal software introductions are the two largest threats, driven by the unauthorized connection of USB-attached mass storage devices.
“Organizations are becoming more adept at identifying security threats to their external networks, but internal network security issues represent a substantial problem for businesses challenged with preventing loss of corporate IP and the infiltration of their networks by malware inadvertently introduced by employees and business partners,” said Amir Kotler, CEO of Promisec. “The answer to this problem is first understanding the magnitude of it. The loss of internal financial data, customer lists and proprietary product details can be devastating while the introduction of malware can significantly slow down business efficiency – all of which can be prevented by implementing a strong endpoint security strategy.”
Itemized findings of the top threats to internal network security is available by contacting Promisec at 212-743-9916 or by emailing audit-requests[.]promisec.com.
Visit the Promisec Website to learn how to improve enterprise endpoint security. Promisec Spectator Professional is available through North American resellers.
Promisec, Ltd. is an award-winning technology leader in agentless endpoint security management software. The company offers industry proven internal network security solutions in use by Global 2000 organizations, including AGF, AmeriQuest and Comverse. The company’s flagship product, Promisec Spectator Professional, protects against business disruption from internal network threats with the only agentless endpoint security management software to deliver both monitoring and remediation and the ability to manage third-party security products for a layered approach to corporate network security. Privately held and founded in 2004, Promisec’s main headquarters are located in Israel with offices in New York, Boca Raton, London and Paris. The company’s U.S. headquarters are located at 461 Fifth Avenue, 8th Floor in New York City, NY 10017.
Promisec, the Promisec logo and Spectator Professional are trademarks or registered trademarks of Promisec, Ltd. All other product and brand names mentioned in this document are trademarks or registered trademarks of their respective owners.