Eighty-one percent of corporate end points failed basic security checks in a wide ranging global survey by security solutions and services provider Sophos.
According to the security firm's initial findings from the Sophos Endpoint Assessment Test, these checks established the ability of enterprises to properly assess and control baseline endpoint security requirements such as updated patches, enabled firewalls and current anti-malware signatures updates.
"Machines that fail such a test represent 'low hanging fruit' for cyber-criminals and a real danger to their corporate networks," said Jim Dowling, director of sales for Asia, Sophos.
Sophos' free online scanning service checks for endpoint security vulnerabilities. The test looks for missing Microsoft security patches, disabled client firewalls, or missing endpoint security software updates. The test ran for 40 days and collected information from more than 580 PCs worldwide. For this test, Sophos collected data from 583 corporate endpoints across all geographies including from countries in North America (39 percent of the sample base), the U.K. (36 percent), Australia (11 percent ), Germany (9 percent) and others (5 percent).
Missing security patch and disabled firewalls
According to the IT security company, its findings showed that 63 percent were missing at least one Microsoft security patch from one of the following: Microsoft Windows operating system, Microsoft Office, Microsoft Internet Explorer, Microsoft Media Player or Flash Player. Meanwhile, 51 percent of endpoints tested had disabled client firewalls and 15 percent had out-of-date or disabled end point security software.