Complacency Reigns: IT professionals overlook endpoint security
More than one-fifth of businesses are failing to include security requirements in their requests for proposals (RFPs) or tenders when setting out to procure new endpoints
History is full of great walls and fortifications designed to defend resources and reputations against threats. Yet, time and time again we’re reminded just how ineffective they are.
Data represents one of today’s most precious and valuable resources, with companies spending millions protecting their (and their customers’) sensitive digital information. But while many build robust security around data centres and cloud-based data, it only takes one malicious link opened on a PC or mobile device, or a few lines of malware inserted into a printer, to open the gates and compromise an entire organisation.
Why endpoint security will be vital for companies in 2020
The connected workplace – a hacker’s playground
In recent years, digital connectivity in the workplace has come to the fore in order to increase productivity and enhance efficiencies. As a result, endpoint devices, a category that includes desktop and laptop PCs, mobile hardware and printers – have become the new front line of cyber security. Cyber criminals are not trying to climb or demolish the big firewall, they attack each brick – or endpoint device – to find the weakest point where they can enter without being detected.
With pre-made tools to hack devices on the dark web, malicious actors can attack an organization millions of times each day, in the hopes of finding just one-way in. Once access to a single device is gained, hackers bide their time, working their way into an organization over weeks, or even months, until they are capable of inflicting significant damage that compromises core data for ransom or worse.
Despite this, according to recent IDC research commissioned by HP, only 28% of IT professionals identify endpoint device security as a significant component of their organization’s cyber security strategy. The IDC research, which focuses on the security protocols and viewpoints of IT leaders across North America and the EU, shows a pronounced cyber security under-awareness and under-preparedness, particularly amongst devices that are most at-risk of attack: PCs and printers.
The research highlights that an incredible 48% of IT professionals don’t include printers as a consideration within their endpoint security strategy. Often the weakest link, printers can be compromised just as readily and, in many cases more readily, than a PC – making this lack of protection a pointed area of concern.
However, when asked about printers, approximately 60% of security leaders believe these devices to be low or no risk, even though they have all the same components of a personal computer. Amongst IT professionals, even PCs are under protected, with just 89% and 82% of respondents, respectively, including desktop and notebook PCs as part of their endpoint security plan.
The way to a more secure future
In Ireland, despite the known vulnerabilities and daily reports of breaches in the news, recent CSO figures show that almost a fifth of Irish businesses suffered a technology related security incident in 2018, with most of those issues relating to either a denial of service attack, a ransomware issue or a software failure. As a result of those issues, 5% of enterprises reported the destruction or corruption of data, with almost 3% noting confidential data was disclosed.
Such compromises can have a devastating impact on business, and recent high-profile attacks including the one experienced by the Football Association of Ireland (FAI) earlier this year show just how vulnerable sensitive digital information is to system weakness.
So, where are the mistakes being made that unknowingly open the doors for attack? Most often, they are found in the procurement department, which is responsible for the purchasing decisions. According to the HP-IDC survey, 30% say security requirements are not in any way specified in their organizations’ procurement processes. When choosing PCs, leading companies place security as the top consideration, whereas purchasing managers see it as the lowest level consideration and remain focused on cost and performance.
To adequately protect their business from malicious attacks that can destroy entire organizations, procurement departments must treat every purchasing decision as a security decision – selecting the most resilient devices that will ultimately act as their front-line of defence.
Only by aligning their IT security strategy with procurement priorities – and by taking advantage of modern security capabilities built-in from the hardware-up – can organisations become truly secure, protecting their most valuable resources in the process.
By Gary Tierney, who is the Managing Director of Ireland at HP and has been with the company for more than thirty years, having joined as a sales executive in 1989.
He has held various roles during his time with HP, with notable positions including Country Manager for the company’s Imaging and Printing Group and Country Manager for HP’s Printing and Personal Systems divisions.
Read more about HP’s IDC research here: https://www8.hp.com/h20195/v2/GetPDF.aspx/4AA7-6414ENUC.pdf
See more stories here.
More information about Irish Tech News and the Business Showcase
FYI the ROI for you is => Irish Tech News now gets over 1.5 million monthly views, and up to 900k monthly unique visitors, from over 160 countries. We have over 860,000 relevant followers on Twitter on our various accounts & were recently described as Ireland’s leading online tech news site and Ireland’s answer to TechCrunch, so we can offer you a good audience!
Since introducing desktop notifications a short time ago, which notify readers directly in their browser of new articles being published, over 16000 people have now signed up to receive them ensuring they are instantly kept up to date on all our latest content. Desktop notifications offer a unique method of serving content directly to verified readers and bypass the issue of content getting lost in people’s crowded news feeds.
Drop us a line if you want to be featured, guest post, suggest a possible interview, or just let us know what you would like to see more of in our future articles. We’re always open to new and interesting suggestions for informative and different articles. Contact us, by email, twitter or whatever social media works for you and hopefully we can share your story too and reach our global audience.
Irish Tech News