Nearly one out of every five enterprise Windows servers lacks endpoint protection, according to a study

Nearly one out of every five enterprise Windows servers lacks endpoint protection, according to a st ...

Sevco Security has released new data that examines the security threats businesses face when they lack visibility across their IT assets, creating significant gaps in their cybersecurity attack surface. The first State of the Cybersecurity Attack Surface report explores data from visibility into more than 500,000 IT assets, discovering a surprising number of assets that are lacking endpoint protection or are not covered by enterprise patch management solutions.

According to the study, a lack of visibility into IT assets has resulted in enterprise attack surfaces that are prone to weaknesses, with 12% of IT assets missing endpoint protection and 5% of IT assets being discovered using enterprise patch management solutions.

Servers are devoid of endpoint protection or are unpatched.

Enterprises are over-indexing on Windows client protection and underpaying too much attention to Windows servers, according to the report, which are the most vulnerable target, with 19% of all Windows servers lacking endpoint protection, compared to 11% of Windows clients and 12% of MacOS assets.

MacOS assets are 2-3 times more likely to be without patch management than Windows clients and servers. 14% of MacOS are without patch management vs. 5% of Windows servers and 4% of Windows clients.

Stale assets present significant health hazards.

The report also highlights the appearance of "stale" IT assets, which pose an even greater threat to businesses. Stale IT assets are defined as those that appear in the security control console as being installed on the device but haven't checked in for at least 14 days.

According to data from the study, 3% of all IT assets are "stale" in terms of endpoint protection, while 1% of all IT assets are "stale" from the perspective of patch management coverage. These stale IT assets are more difficult to account for because they are essentially time bombs masquerading as compliant assets.

The findings from the survey highlight the challenges that businesses face and the unnecessary risk that is posed when businesses lack visibility into their inventory, creating a cybersecurity vulnerability that is impossible to comprehend and defend.

Read the whole report from Sevco Security.

You may also like: