Promisec Releases Findings of Top Internal Network Threats in the First Half of 2008

Promisec Releases Findings of Top Internal Network Threats in the First Half
of 2008
In Scans of More Than 100,000 PCs and Servers Across a Number of Industries,
not one Organization is Found to be Threat-Free

NEW YORK and TEL AVIV, Israel, July 23 /PRNewswire/ -- Promisec Inc., a
technology leader in clientless solutions to enforce the security, compliance
and integrity of endpoints and servers, announced today its findings from
security audits of more than 100,000 corporate endpoints. These audits were
conducted in the first six months of 2008 in enterprises of different sizes
and revealed that not even one organization was completely clean from
internal threats, and the minimum number of threats found was three.
    In today's world, more and more customer data is being found on servers,
desktops and laptops which contain critical information that can promote a
company's growth or destroy it in an instant. Furthermore, the risk extends
beyond the private sector to the public sector and anyone in their homes
receiving services from one of these infrastructure entities.
    Promisec's security audits were done across a number of industries,
including finance, healthcare, insurance, manufacturing, etc. and found that:
    - Use of unauthorized removable storage continues to rise in
      organizations.

    - The number of endpoints that do not apply threat management
      agents or are not updated with the latest build or signatures continues
     to rise.

    - Instances of unauthorized instant messaging continue to increase in all
      organizations.

    Promisec discovered that 12% of infected computers had a missing or
disabled anti-virus program, 10.7% had unauthorized personal storage like USB
sticks or external hard drives, 9.1% had unauthorized peer-to-peer (P2P)
applications installed, 8.5% had a missing 3rd party desktop agent, 2.6% had
unprotected shared folders, 2.2% had unauthorized remote control software,
and 2% had missing Microsoft service packs.
    One of the most alarming findings of the audit was how rapidly these
internal security threats have increased over the past year. Compared to a
similar study Promisec conducted in 2007, Promisec found that in the first
half of 2008, the percentage of infected computers with unauthorized remote
control software had increased by more than 200-fold, those without a working
anti-virus program had increased 12-fold, and the number with unauthorized
storage had increased by 10-fold. Other threats had increased by anywhere
from two to eight times as many when compared to the previous year.
    "Despite millions of dollars invested in security technology and millions
more in personnel costs, we did not find a single company that had a
completely clean bill of health from a risk and security perspective," said
Alan Komet, vice president of Promisec. "Internal threats are the biggest
risk area to a company's security, and the threats we found are ones that are
easily remediated. However, the lack of visibility into the endpoints and
servers within an enterprise makes it difficult for IT administrators to fix
the problems."
    Promisec Inc. regularly conducts comprehensive security audits at
potential customer sites to identify the prime threats to internal network
security, originating at endpoints enterprise-wide. The audit takes less than
an hour after implementation of Promisec Spectator, installed on a single
enterprise workstation and can scan each endpoint in under four seconds. The
software's ability to perform discovery and provide reporting across all
corporate networks produces a detailed synopsis of processes, devices and
other activities on the network which may be outside of corporate policy,
revealing the current state of internal network security. Promisec Spectator
can then go on to remediate the issues raised by the detailed audit.
    To gain immediate access to the Promisec Risk Center for Internal Network
Threats, visit http://www.promisec.com/riskcenter and register to receive
instant updates on emerging internal network threats as they are discovered
by Promisec research teams. Itemized findings of the top threats to internal
network security report is available on the Promisec website's risk center as
well.
    Visit the Promisec Website to learn how to improve enterprise endpoint
security at http://www.promisec.com. Promisec Spectator and Promisec
INNERspace is available through North American resellers.
    About Promisec Spectator
    Promisec Spectator software (also known as Clientless Endpoint Security
Management technology) provides enterprises with a complete security solution
that protects them from threats originating within the internal network,
caused by their own users, insiders or by technical mis-configuration. This
software-only solution is normally installed on an administrator's desktop or
on a dedicated server in the SOC/NOC (Security/Network Operations Center) -
not at the gateway. With detection, repair, prevention and monitoring
modules, Promisec Spectator delivers a comprehensive solution to manage
security on all organization network endpoints and servers
    About Promisec
    Promisec, Inc., is a technology leader in agentless management software.
The company offers industry proven internal network security solutions in use
by all size companies from SMBs to Global 2000 organizations. The company's
products, Promisec Spectator and Promisec INNERspace, protect against
business disruption from internal network threats with the only agentless
endpoint security software to deliver both monitoring and remediation for a
layered approach to corporate network security. Privately held and founded in
2004, Promisec's headquarters are located in Israel with offices in New York
and Paris. Visit the Promisec Web site at http://www.promisec.com .
    Promisec, the Promisec logo and Spectator Professional are trademarks or
registered trademarks of Promisec, Ltd. All other product and brand names
mentioned in this document are trademarks or registered trademarks of their
respective owners.
    Reader Contact Information:
North America:
    Promisec U.S.A, 55 Broad Street, Suite 20C , New York, NY 10004, USA,
Tel: +1- 212-743-9916; Fax: +1-212-889-3213, Blog:
http://www.promisec.typepad.com, info@promisec.com
Europe / Middle East / Asia:
    Promisec, Ltd., 11 Moshe Levi St, UMI Building, Rishon Le Zion, 75658,
Israel, Tel: +972-3-951-9533, Fax: +972-3-951-8183.
    Contact Agency:                  Promisec:
    Alan Weinkrantz & Co             Tally R. Elhyani-Bassali
    +1-210-820-3070 ext. 103         +1-607-821-2539
    alan@weinkrantz.com              tallye@promisec.com



SOURCE  Promisec Ltd

Reader Contact Information: North America: Promisec U.S.A, 55 Broad Street,
Suite 20C , New York, NY 10004, USA, Tel: +1- 212-743-9916; Fax:
+1-212-889-3213, Blog: http://www.promisec.typepad.com, info@promisec.com;
Europe / Middle East / Asia: Promisec, Ltd., 11 Moshe Levi St, UMI Building,
Rishon Le Zion, 75658, Israel, Tel: +972-3-951-9533, Fax: +972-3-951-8183