Research Shows Enterprises Are At Significant Risk From Common Endpoint Device Security Gaps

Research Shows Enterprises Are At Significant Risk From Common Endpoint Device
Security Gaps
IT administrators identify inadequate data protection, deficient mobile access
policies, and system integrity vulnerabilities as key issues

WALTHAM, Mass., Oct. 20 /PRNewswire-FirstCall/ -- In an effort to help IT
departments evaluate and better secure their network endpoints, such as
desktops, notebooks, smart phones, MP3 players and thumb drives, Novell today
announced initial results from its Threat Assessment survey which show that
many enterprises are still highly vulnerable to preventable security threats.
To date, the survey has revealed significant vulnerabilities, particularly in
the areas of inadequate data protection, insufficient mobile access policies,
and lack of application control and system integrity for endpoint devices.


Inadequate Data Protection
    --  71 percent of companies said they do not encrypt data on laptops,
while
        73 percent of companies do not encrypt data on removable storage
        devices, exposing the company to significant risk if these devices are
        lost or stolen.

    --  72 percent of respondents said they do not control the data that is
        copied to removable storage devices or optical writers, and 78 percent
        do not report what data is written to removable storage devices,
        creating the potential for inappropriate data distribution and
        compliance issues.





Insufficient Mobile Access Policies
    --  90 percent of respondents said their end users access open,
non-secured
        wireless networks when outside of the office (i.e. hotspots, hotels,
        coffee shops), leaving endpoints and data vulnerable to attacks.

    --  76 percent of companies said that they cannot ensure system health,
        integrity, and compliance of their endpoint devices when they go
beyond
        the perimeters of the organization.





Lack of Application Control and System Integrity 
    --  53 percent of respondents are not able to prevent peer-to-peer traffic
        like Bit Torrent and Gnutella from accessing their networks, thereby
        draining precious IT resources and creating risk that corporate data
        will be accessed.

    --  65 percent of respondents were unable to prevent user from accessing
the
        corporate network if the user lacked system integrity verification
        tools, such as anti-virus software. Further, 73 percent could not stop
        an out-of-compliance endpoint from propagating infections or becoming
        infected.





"Endpoint security threats are evolving at a rapid pace," said Grant Ho,
senior solution manager for Endpoint Management at Novell. "Every day, vital
customer data is lost due to lax security practices. The Threat Assessment
survey is designed to give enterprises a better idea of their security
vulnerabilities as well as provide guidance to ensure they are doing
everything they can to secure their endpoints and protect sensitive corporate
and customer data."


Endpoint Security Management Best Practices
Based on the results of its Threat Assessment survey, Novell identifies the
three best practices for endpoint security as data protection, mobile access
control and system health.
    --  First, organizations should simplify their endpoint security needs and
        reduce IT costs by combining point security solutions under a single
        management console.
    --  Second, IT administrators should secure their mobile endpoints and
        protect their data with IT solutions that control removable media,
        storage or Wi-Fi enabled devices while maintaining system integrity
24/7
        whether endpoints are connected to the network or not.

    --  Third, employing network access control technology can help an
        organization prevent security threats from entering the network and
        contaminating other devices without stifling business.





The survey results were gathered from responses to the Novell® Threat
Assessment Tool, an online test that offers IT administrators and decision
makers the opportunity to evaluate their endpoint security practices,
procedures and risks. From managing removable storage and VPN usage to data
encryption and advanced personal firewalls, the Novell Threat Assessment Tool
helps enterprises identify areas of security vulnerability and offers
recommendations to assist businesses in shoring up the integrity of their
endpoints. To access the free Threat Assessment Tool, visit
http://www.novell.com/systemsmanagement/secure-desktop/threat-assessment/threatassessment.html.


About Novell
Novell, Inc. (Nasdaq: NOVL) delivers the best engineered, most interoperable
Linux* platform and a portfolio of integrated IT management software that
helps customers around the world reduce cost, complexity and risk. With our
infrastructure software and ecosystem of partnerships, Novell harmoniously
integrates mixed IT environments, allowing people and technology to work as
one. For more information, visit www.novell.com.


Novell is a registered trademark of Novell, Inc. in the United States and
other countries. *All third-party trademarks are the property of their
respective owners.





SOURCE  Novell, Inc.

Kerry Adorno of Novell, Inc., +1-781-464-8042, kadorno@novell.com; or Kristin
Conforti of PAN Communications, +1-978-474-1900, usenovell@pancomm.com