Armour Comms launches first secure Voice over IP... » London: Armour Communications has announced its integration with Skype for Business. Armour Mobile i... Anam Technologies selected by Deutsche Telekom a... » DUBLIN, BONN:  Anam Technologies has gone into partnership with Deutsche Telekom International Carri... 6.7 percent of programmes on private UK PCs are en... » Maidenhead, U.K: The average private user in the UK has 72 programmes installed on their PC, and 6.7... Multitone’s EkoSecure Personal Alert System chos... » Multitone Electronics plc has announced that its German-based team, Multiton Elektronik GmbH, has su... IoT 2020: Smart and secure IoT platform » Geneva, Switzerland: The Internet of Things (IoT) significantly impacts the global economy and is ex... Letterbox company to keep properties safe with inn... » A specialist mailbox manufacturer has made a pledge to enhance the security of UK properties through... MDS expands portfolio of cost analytics solution... » Warrington, UK: MDS has announced the launch of a suite of cost efficiency analytic solutions design... Post-Truth, Post-West, Post-Order? » Munich Security Report 2017 With Foreword By Ambassador Wolfgang Ischinger, Chairman of the Munich ... NuData Security comments on fraud costing the UK £... » Crowe Clark Whitehill has just released its Financial Cost of Fraud report  which states that fraud ... Edesix selected as body worn camera provider for U... » Edinburgh-based Edesix Ltd. has been selected as the Body Worn Camera provider of choice for Her Maj...

CLICK HERE TO

Viewpoints Header

London, UK: Shavlik has announced the results of its yearly study regarding issues related to endpoint security and patching for IT professionals. VMworld Europe 2016 was an opportunity for these experts to meet and share best practices. Shavlik and AppSense used it to collect data from these frontline experts, to highlight patch management and security concerns in corporations.

Key figures:

- 80% of IT professionals have implemented a patch policy to enhance their organisation’s security.

- 77% said that Microsoft OS represents the biggest challenge in terms of patching operating systems, and 59% indicated that Oracle is the most challenging 3rd party application.

- 55% of IT professionals believe that the visibility they have into their company’s IT security posture is insufficient.

- 55% of the companies surveyed give employees’ administrator rights, substantially increasing security risk.

- Patch management takes more than 8 hours per month for two-thirds of the companies.

A whopping 178 professionals responded to the survey. For 76.5% of them, the Microsoft OS poses the biggest patch challenges for their company. This figure is down from last year’s 86%, so Microsoft seems to be improving. Linux (19.1%) and Mac (4.2%) are also mentioned but to a lesser extent, which can be explained, at least in part, by the smaller number of devices using these operating systems, and fewer patches released for them each month.

Patching the OS is only a small part of the equation when it comes to an effective patch management strategy. When asked about the challenges of patching applications, Java was mentioned as the most difficult application to update by 59% of respondents, followed by Adobe Reader/Flash Player - 38%, Google Chrome - 21%, Firefox - 18% and Apple iTunes - 10%.

79.7% of IT managers have implemented a policy to manage patching, which is good news. However, while 37.2% report spending fewer than 8 hours a month on patching, 29.6% spend more than 16 hours a month, and 14% spend more than 48! This amounts to a day and a half on average for most organisations, which is far from efficient.

Finally, 54.7% of companies grant full administrative rights to their employees, making their systems more vulnerable to malware. This approach increases risk in the event of a malware attack, since there is no way to limit the damage by restricting user rights to infected devices.

Andy Baldin, VP EMEA Shavlik, comments: “The results of this survey show that the need to establish a patch management policy is recognised by an increasing number of IT departments. Despite this, many companies spend too much time on patch management issues, and manage the rights of their employees in a way that unknowingly promotes risk. This confirms the importance of our work in supporting companies in managing their patches, enabling them to reduce costs, save time and minimise risks to the security of their IT assets.”

Baldin emphasises the importance of facilitating companies’ work to secure and manage their patching: "The results of our study shows that 7% of respondents do not have IT security systems in place or do not know if there is one, 3% have only one backup system, 13% just have antivirus, 7% a firewall and 10% an antivirus coupled with a firewall. This means, 40% of respondents could easily improve their endpoint security. To help organisations, Shavlik publishes a monthly report each Patch Tuesday: we watch and provide our analysis of the latest patches, to help companies prioritise the allocation of their IT security resources. "