Poor Staff Collaboration and Complexity of Software Hamper Security Efforts

Nearly a third of organizations report that collaboration between IT security and IT operations people is non-existent, and more than half believe collaboration between security and operations can be improved. That lack of communication could hurt environments where the adoption of mobile devices, cloud computing, and collaborative technologies is happening faster than organizations are able to adapt security policies, resulting in greater risk to sensitive data. The challenge is heightened owing to the complexity of endpoint management systems, whose features cross security and operation lines in most environments.

Those results come from a wide-ranging survey done by security research firm Ponemon Institute and commissioned by Lumension, which sells computer security products.

Endpoint security protects an organization's network from threats that include as virus and malware attacks, cyber crime, and employees' unauthorized use of mobile devices, as well as illegal applications on laptops, desktops, and other Internet-connected devices provided by the enterprise. The five most important features for managing endpoint security were identified by respondents as anti-virus and anti-malware technology (80 percent), whole disk encryption (70 percent), application control (69 percent), patch and remediation management (68 percent), and IT asset management (61 percent). The average organization has 3.7 software agents installed on each endpoint to perform management, security, and other operations and an average of 3.9 different software management consoles for endpoint operations and security.

The survey questioned 1,427 IT security practitioners and 1,582 IT operations professionals in the United States, Germany, Australia, New Zealand, and the United Kingdom with active responsibility for their data security and compliance efforts.

According to the survey, "Worldwide State of the Endpoint 2010":

  • 56 percent of respondents said mobile devices aren't secure, representing a risk to data security;
  • 49 percent said data security isn't a strategic initiative for their companies;
  • 48 percent said their organizations have allocated insufficient resources to achieve effective data security and regulatory compliance; and
  • 41 percent of individuals said there was a lack of proactive security risk management in their organizations.

Lumension said it commissioned the survey to better understand how emerging technologies, such as Web 2.0, mobile computing, and the "consumerization" of IT--the accommodation and integration of employee-owned mobile devices within the enterprise--are affecting environments and how organizations are managing security risks across IT operations and security. According to the study, four out of 10 respondents said their organizations permit users to connect their own computing devices to its network or enterprise systems. However, only a quarter of organizations have a policy guiding those connections.

This suggests, the report explained, that many organizations aren't taking steps to secure mobile devices personally owned by users. Yet 72 percent of respondents said they view negligent insiders as a top security threat heading into 2010.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • Global AI vibrancy ranking

    United States Leads in Stanford HAI Global AI Ranking

    A new ranking tool from the Stanford Institute for Human-Centered AI (HAI) AI Index puts the United States in the No. 1 spot for global AI leadership.

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs AI Content Safeguards into Law

    California Governor Gavin Newsom has officially signed off on a series of landmark artificial intelligence bills, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • pattern featuring interconnected lines, nodes, lock icons, and cogwheels

    Red Hat Enterprise Linux 9.5 Expands Automation, Security

    Open source solution provider Red Hat has introduced Red Hat Enterprise Linux (RHEL) 9.5, the latest version of its flagship Linux platform.

  • MathGPT

    MathGPT AI Tutor Now Out of Beta

    Ed tech provider GotIt! Education has announced the general availability of MathGPT, an AI tutor and teaching assistant for foundational math support.