Eighty-one per cent of corporate end points failed basic security checks in a global survey by security solutions and services provider Sophos.
According to the security firms initial findings from the Sophos Endpoint Assessment Test, these checks established the ability of enterprises to properly assess and control baseline endpoint security requirements such as updated patches, enabled firewalls and current anti-malware signatures updates.
Machines that fail such a test represent low hanging fruit for cyber-criminals and a real danger to their corporate networks, said Jim Dowling, director of sales for Asia, Sophos.
Sophos free online scanning service checks for endpoint security vulnerabilities. The test looks for missing Microsoft security patches, disabled client firewalls, or missing endpoint security software updates. The test ran for 40 days and collected information from more than 580 PCs worldwide. For this test, Sophos collected data from 583 corporate endpoints across all geographies including countries in North America (39 per cent of the sample base), the UK (36 per cent), Australia (11 per cent), Germany (9 per cent) and others (5 per cent).
Missing and/or disabled
According to the IT security company, its findings showed that 63 per cent were missing at least one Microsoft security patch from one of the following: Microsoft Windows operating system, Microsoft Office, Microsoft Internet Explorer, Microsoft Media Player or Flash Player. Meanwhile, 51 per cent of endpoints tested had disabled client firewalls and 15 per cent had out-of-date or disabled end point security software.
Sign up for Computerworld eNewsletters.