New Study from Duo Finds Millions of Devices Running Out-of-Date Systems, Despite Latest High-Profile Breaches
(Thomson Reuters ONE) -
On a positive note, research also shows Windows 10 adoption has doubled since
2016 to 31% of endpoints running the latest version of the operating system;
Findings highlight the importance of updating and patching to stay ahead of
latest exploits
ANN ARBOR, MI--(Marketwired - Jun 5, 2017) - Duo Security, the world's leading
cloud-based Trusted Access provider, today released The 2017 Duo Trusted Access
Report, analyzing the security health of 4.6 million endpoint devices, including
3.5 million mobile phones across multiple industries and geographic regions.
With increased adoption of cloud services and mobile devices, enterprises no
longer have distinct boundaries defined by inside and outside the firewall,
making the health of devices connecting to their network more critical than ever
to protect against new security threats.
To review all findings and learn what you can do to mitigate risks associated
with the new enterprise IT model, read the full 2017 Duo Trusted Access Report
here: duo.sc/2017-trusted-access
To measure the state of device security health, the report analyzes top
indicators including out-of-date operating systems, browsers and plugins that
make endpoints more susceptible to vulnerabilities, as well as security features
mobile devices have enabled.
Also, for the first time, the report highlights the latest data from Duo's
simulated phishing assessments. Phishing is one of the easiest and most
effective ways for attackers to steal user credentials, exploit out-of-date
software, and gain access to enterprise applications.
Key sections and highlights of the report include:
Overall Device Security Health
* Improvement for Microsoft operating systems (OS): 31% of endpoints are
running the latest OS version, Windows 10, compared to 15% in 2016.
Enterprises are slowly migrating to the most up-to-date and secure version
two years after its release.
* However, 13% of endpoints are browsing dangerously on an unsupported version
of the Internet Explorer browser that is no longer receiving security
updates that patch known vulnerabilities.
Mobile Security Health
* Only 27% of Android phones are running the latest major OS version, compared
to 73% of iPhones operating on iOS 10 or above. This stark difference is
likely linked to many Android devices being beholden to both manufacturers
and carriers to roll out updates, which can slow down the time to patch.
UK and EMEA Security Health
* Compared to North America, EMEA (Europe, Middle East and Africa) countries
are slightly more up to date. In EMEA, 40% of endpoints are running the
latest version, Windows 10, compared to 31% in North America. In the United
Kingdom, 37% of endpoints are running Windows 10, compared to 31% overall.
Industry-Specific Security Health
* The technology industry has the highest number of endpoints running the
Windows 10 operating system (OS) at 87%, while the healthcare and machinery
industries fall in the bottom with only 16% and 6% of endpoints respectively
using the latest OS.
* Healthcare industry data reveals 76% of endpoints are running Windows 7 --
an 8-year-old operating system -- which is much higher than the 59% average
of all other endpoints. Worse still, the percentage of healthcare endpoints
running Windows XP has increased from 2% to 3%, which is higher than the 1%
of overall endpoints. This is troubling to see, as Microsoft ended security
support for Windows XP in 2014, and continuing to run the OS could run afoul
of the HIPAA risk management requirements.
* The biotech industry comes in last for mobile security features, with the
lowest amount of mobile devices with screen lock or encryption enabled,
meaning they lack mobile device security.
Phishing on the Rise
Duo's analysis of 3,575 simulated phishing campaigns conducted in the past 12
months from Duo Insight, with more than 80,000 recipients, found that 62% of
campaigns captured at least one credential and 68% had at least one out-of-date
device.
* 44% of recipients opened the email and 25% of recipients clicked the link
* 13% of recipients entered their credentials (username and password).
* 13% of recipients use out-of-date browsers and 17% are running out-of-date
operating systems
A quarter of recipients clicking the link in the email means that they could
have potentially visited a malicious website, putting their devices at risk.
Since the majority of recipients are using out-of-date devices to open phishing
emails, this also puts users at higher risk of getting compromised by an
attacker using known vulnerabilities.
Mike Hanley, Sr. Director of Security for Duo, explained, "As underlined from
many of the latest headline breaches, unpatched, out-of-date software, systems
and servers are prime targets for attackers armed with known vulnerabilities and
malware. The 2017 Trusted Access Report shows that while we're making progress
in some areas like Windows 10 adoption, there is still much room for improvement
across the board."
To download the full 2017 Trusted Access Report, please visit: duo.sc/2017-
trusted-access
About Duo Security
Duo Security is a cloud-based Trusted Access provider protecting thousands of
the world's largest and fastest-growing organizations, including Dresser-Rand
Group, Etsy, Facebook, K-Swiss, Paramount Pictures, Random House, SuddenLink,
Toyota, Twitter, Yelp, Zillow and more. Duo Security's innovative and easy-to-
use technology can be quickly deployed to protect users, data and applications
from breaches, credential theft and account takeover. The Ann Arbor, Michigan-
based company also has offices in San Mateo, California; Austin, Texas and
London. Duo Security is backed by Benchmark, Google Ventures, Radar Partners,
Redpoint Ventures and True Ventures. Try it for free at www.duo.com.
Contact:
North America
Meredith Corley and Jordan Fylonenko
Press(at)duo.com
UK/EMEA
Kirsten Scott and Barry Salmon
duo(at)eclat.co.uk
This announcement is distributed by Nasdaq Corporate Solutions on behalf of Nasdaq Corporate Solutions clients.
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Duo Security via GlobeNewswire
Unternehmensinformation / Kurzprofil:
Datum: 05.06.2017 - 11:00 Uhr
Sprache: Deutsch
News-ID 546210
Anzahl Zeichen: 7171
contact information:
Town:
Ann Arbor, MI
Kategorie:
Business News
Diese Pressemitteilung wurde bisher 237 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"New Study from Duo Finds Millions of Devices Running Out-of-Date Systems, Despite Latest High-Profile Breaches"
steht unter der journalistisch-redaktionellen Verantwortung von
Duo Security (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
