The Sophos Endpoint Assessment Test gives systems a basic evaluation for things like missing patches, the state of client firewalls, and other security tests.
The bottom line: 81% of the endpoints failed one or more of those fundamental checks. That's fairly bad news considering that any of those conditions -- outdated patch level, firewall disabled, or out-of-date AV signatures -- can lead to a significant breach. But this test must have been targeting those unsophisticated SMBs, you say, and that's what tainted the results. Not so. Here's the demographic rundown:
39% of the end users were part of an organization with fewer than 100 users
36% were part of an organization with between 100 and 1,000 users
25% were from organizations larger than 1,000 users
And the evaluation ran in fairly IT-savvy geographies, too:
North America represented 39% of the sample base, while the United Kingdom made up 36%, and Australia and Germany were 11% and 9%, respectively (5% being other countries).
Said Bill Emerick, VP of product management for network access control at Sophos: "We're holding up to the light an aspect of endpoint security that has long been evaded by IT departments -- the inability to properly assess and control baseline endpoint security requirements such as updated patches, enabled firewalls, and current anti-malware signature updates. Ultimately, machines that fail such a test represent the low-hanging fruit for cybercriminals and a real danger to their corporate networks."
And that's one of the most accurate quotes I've read in a press release in a long time.
This blog was updated at 9:45 a.m. to correct a quote.