Absolute Software’s Annual Endpoint Risk Report Underscores Compromised Security Controls Widening Enterprise Attack Surface

Rhea-AI Summary

Absolute Software (NASDAQ: ABST) has released its third annual Endpoint Risk Report, highlighting key trends in enterprise data security. Notably, ransomware attacks surged by over 150% in 2020, driven by pandemic-related disruptions. The report reveals that one in four devices lacked effective security controls, raising concerns about vulnerabilities in remote work settings. CEO Christy Wyatt emphasizes the importance of robust endpoint security, stating that the company’s Application Persistence service boosts security control effectiveness by 21% compared to others. The findings call for improved security measures across enterprises.

Positive

• Application Persistence service improved security control effectiveness by 21%.
• Emphasis on the critical need for resilient endpoints in remote work environments.

Negative

• One in four devices analyzed had critical security controls considered unhealthy.
• 73% of devices contained sensitive data, highlighting potential exposure risks.

Absolute Software™ (NASDAQ: ABST) (TSX: ABST), a leader in Endpoint Resilience™ solutions, today announced key findings from its third annual Endpoint Risk Report. This year’s edition shines a light on key trends affecting enterprise data and device security, and underscores the dangers of compromised security controls in expanding an already wide attack surface for today’s enterprises.

Researchers estimate that the number of ransomware attacks grew by more than 150 percent in 2020, fueled by the global pandemic and the massive disruption to IT and Security operations. According to The Coveware Quarterly Ransomware Report, the most common software vulnerabilities exploited by ransomware attackers in Q1 (Jan – Mar) 2021 involved Virtual Private Networks (VPNs). It goes on state that “the cyber extortion economic supply chain demonstrated how a vulnerability in widely used VPN appliances can be identified, exploited and monetized by ransomware affiliates.”

The findings in Absolute’s 2021 Endpoint Risk Report reveal that the need to support and secure remote workforces only exacerbated the existing complexities found in today’s endpoint environments - and with increasing complexity comes the increased risk of friction, failure, and noncompliance. One in four devices analyzed had critical security controls — such as encryption, antivirus, or VPN — considered to be unhealthy, or not working effectively, at any given time. If left unaddressed, almost any application deployed on the endpoint carries the potential of becoming an attack vector.

“The trends in this year’s report — unaddressed vulnerabilities, unprotected data, and failing security controls – are clear indicators that it is time for organizations to put rigor around ensuring the endpoint security tools they’ve invested in are effectively protecting their valuable, and vulnerable, corporate devices and data,” said Christy Wyatt, President and CEO of Absolute. “And, the findings underscore the critical need for resilient endpoints and applications in the evolving ‘work from anywhere’ era. The ability to identify and mitigate risk is dependent on having the ability to monitor the state of every device and application, identify where things might be fragile or falling down, and autonomously heal them when needed.”

The Absolute Platform for Endpoint Resilience enables a secure, unbreakable connection to every endpoint, delivering visibility and intelligence into devices, data, and applications across the entire endpoint environment. Absolute's Application Persistence™ service continuously measures the effectiveness of a growing ecosystem of mission-critical security and productivity applications, and empowers them to automatically repair or reinstall themselves if they become compromised. Absolute’s insights show that enterprise devices running Absolute's Application Persistence service reported security control effectiveness 21 percent higher than those without.

Other notable insights from the 2021 Absolute Endpoint Risk Report include:

• Endpoint complexity and redundancy continue to plague enterprises:The average number of security controls has increased to more than 11 per enterprise device, with the majority of devices containing multiple controls with the same function. Two in three (60%) enterprise devices analyzed had two or more encryption applications installed, while more than half (52%) had three or more endpoint management applications installed.
• Sensitive data remains unprotected and at risk: Nearly three in four (73%) enterprise devices analyzed contained sensitive data, such as Protected Health Information (PHI) or Personally Identifiable Information (PII). Compoundi

FAQ

What are the key findings from Absolute Software's Endpoint Risk Report 2021?

The report reveals a 150% increase in ransomware attacks in 2020, with one in four devices lacking effective security controls.

How does Absolute’s Application Persistence service enhance security?

It increases the effectiveness of security controls by 21% compared to devices without the service.

What percentage of enterprise devices contain sensitive data according to the report?

Approximately 73% of enterprise devices analyzed contained sensitive data such as Protected Health Information.

How does endpoint complexity affect enterprise security?

The report indicates that the average enterprise device has over 11 security controls, complicating security management and increasing vulnerability.

What does Absolute Software recommend for improving endpoint security?

The report stresses the need for organizations to ensure their endpoint security tools are functioning effectively to protect corporate data.