BeyondTrust report outlines home working endpoint threat
Enterprise cybersecurity firm BeyondTrust has released the seventh edition of its annual ‘Microsoft Vulnerabilities Report’, which breaks down the security vulnerabilities facing companies.
Based on analysis of data from Microsoft’s weekly security bulletins, the report from the privileged access management specialists also offers an analysis of cybersecurity trends going five years into the future.
Key findings included the fact that 858 total Microsoft vulnerabilities were discovered in 2019, a record figure, and that 77% of Critical Microsoft vulnerabilities in the last year would be “mitigated” by the removal of administrator rights from endpoints.
That’s a particularly critical imperative considering the current uptake of homeworking driven by the coronavirus pandemic. With those endpoints accessing corporate networks, the threat is obvious, especially when admin rights are maintained.
“The rate at which vulnerabilities are increasing is a significant concern for organizations committed to protecting their networks from data breaches,” said Morey Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust, in a press release. “Recent global events have highlighted the critical need to continue to focus on information security. The ability to remove admin rights and control applications is no longer difficult to achieve, and least privilege should always be considered as part of a proactive security strategy.”
Other highlights include the fact that the number of reported vulnerabilities has risen by 64% in the last five years.
Sami Laiho, Microsoft MVP and Ethical Hacker said: “Removing admin rights will also allow your computers to run faster, better and longer, with less reinstallations. My larger customers have measured a 75% reduction in the amount of help desk tickets after removing admin rights, resulting in a more secure and productive environment for extended periods of time.”
The full report can be found here.
- 5 mins with Tom Kellermann, cyber security leader at VMwareCloud & Cybersecurity
- Exec Q&A with Stephen de Vries, IriusRisk CEO and co-founderCloud & Cybersecurity
- Open Systems appoints new Chief People Officer, Alaska MayCloud & Cybersecurity
- 5 Mins With: Saeed Ahmad, Callsign.Cloud & Cybersecurity