Employees Not Following Policy is the Biggest Threat to Endpoint Security, IT Pros Say

For all the talk about technology, many IT professionals feel security comes down to one unavoidable factor – the end user.

In the 2015 State of the Endpoint study by Ponemon Institute, researchers found that 78 percent of the 703 people surveyed consider negligent or careless employees who do not follow security policies to be the biggest threat to endpoint security. In addition, 63 percent agreed that employees operating from home offices and other offsite locations have significantly increased endpoint risk throughout the organization.

There are as many reasons for not following security policies as there are end users, said Chris Merritt, director of solution marketing at Lumension, which sponsored the survey.

“I wouldn’t go so far to say they don’t care – mostly – but I’d also point out that organizations probably haven’t done a good job of helping them understand why they should care,” he told SecurityWeek, adding that organizations need to recognize that one-time training during on-boarding is not good enough.

“Training to discuss the whys and wherefores of the policies needs to be an ongoing process, one aimed at changing the culture,” he added. “Also, it’s important for organizations to recognize that their end users are their first line of defense, so they need to have a way to report suspicious emails, sites, system behaviors, and the organization must have a way to consume/act on those reports … if folks see the organization taking it seriously, they’ll take it seriously.”

Humans, he said, will always ensure that no security is foolproof. In order for the organization to operate, humans will have to build its infrastructure, which will create opportunities for misconfigurations, poorly thought-through goals and other shortcoming that allow for misuse, errors and oversights. 

It isn’t all about employees maliciously ignoring the rules. Last year, a survey of 600 enterprise employees by Enterprise Management Associates found that more than half did not get any security or policy awareness training from their company. In addition, 70 percent of respondents agreed their organizations’ endpoint security policies are difficult to enforce due largely to a lack of governance and control processes.

Further challenging endpoint security is a variety of attacks. According to 80 percent of the respondents in the Ponemon study, web-born malware attacks are the most frequent threat, followed by advanced persistent threats (65 percent) and rootkits (65 percent). Zero-day attacks were cited by 46 percent, an increase from 32 percent last year.

Among the applications on corporate endpoints, Adobe products such as Flash Player and Acrobat led the way on the list of apps respondents felt were causing the most problems in managing endpoint risk. Adobe was followed by Oracle Java JRE (54 percent) and third-party cloud-based productivity apps such as WinZip, VLC, VMware and VNC (46 percent).

Overall, 68 percent of respondents said endpoint security is becoming a more important part of their organization’s overall IT security strategy. “IT continues to battle malware at the endpoint and 69 percent of our respondents say it increased in severity last year,” said Dr. Larry Ponemon, chairman of the Ponemon Institute, in a statement. “While it is positive news that companies are making the security of endpoints a higher priority, to win the war they need to recognize the criticality of minimizing employee negligence and investing in technologies that improve the ability to detect malicious attacks.”