IT security and control firm Sophos has announced initial findings from the Sophos Endpoint Assessment Test. This free online scanning service checks for endpoint security vulnerabilities, and looks for missing Microsoft security patches, disabled client firewalls, or missing endpoint security software updates. The test ran for 40 days and collected information from over 580 PCs worldwide. And the news isn’t good – unless you’re a cybercrim that is. The Sophos results show that 81% of the corporate endpoints tested had failed one or more of these basic checks.

From the three tests conducted, results showed that 63% were missing at least one Microsoft security patch from one of the following: Microsoft Windows OS, Microsoft Office, Microsoft Internet Explorer, Microsoft Media Player or Flash Player. Meanwhile, 51% of endpoints tested had disabled client firewalls and 15% had out-of-date or disabled endpoint security software.

“We’re holding up to the light an aspect of endpoint security that has long been evaded by IT departments – the inability to properly assess and control baseline endpoint security requirements such as updated patches, enabled firewalls and current anti-malware signatures updates. Ultimately, machines that fail such a test represent ‘low hanging fruit’ for cybercriminals and a real danger to their corporate networks,” judges Bill Emerick, Sophos vice president of product management for Network Access Control. “Sophos will continue accumulating endpoint assessment results to raise awareness and to help organisations prioritise the areas of greatest vulnerability.”

For the Sophos Endpoint Assessment Test, Sophos collected data from 583 corporate endpoints across all geographies. North America represented 39% of the sample base, while the UK made up 36%, and Australia and Germany were 11% and 9% respectively (5% being other countries).

Additional statistical information is as follows:
·         39% of the end users were part of an organisation with fewer than 100 users
·         36% were part of an organisation size between 100 and 1,000 users
·         25% were from organisations larger than 1,000 users

“This free tool from Sophos gives us an easy way to reintroduce the need for NAC (network access control),” comments Sophos channel partner Kevin Milloy, senior principle consultant at AMA Inc. “Far too many companies still believe the first-generation of NAC rhetoric that dwelled on network outbreak protection or guest access, when in actuality the much bigger issue – and one that endpoint NAC squarely addresses – is keeping endpoints protected by ensuring security measures remain enabled and current”

NAC-ered?
Oddly enough, given the parlous state of enterprise security found by Sophos, a new report from Infonetics Research, reckons the global NAC market is booming. According to the ‘NAC Enforcement Appliances’ study the NAC market jumped 16% sequentially in the first quarter of 2008, hitting US$62.7mn. Infonetics believes that this market sector will continue to see strong annual growth over the next five years.

“While many have been pronouncing NAC dead, we approached this market in a realistic way from the beginning, so recent events, including the faltering US economy and the disappearance of some early NAC vendors, haven’t forced us to make major changes in our forecasts,” reports Jeff Wilson, principal analyst for network security at Infonetics Research. “While many vendors reported sluggish first quarter results, they’re reporting strong preliminary second quarter results, great pipelines, and decreasing sales cycles for the rest of the year.”

Some other takeaways from the Infonetics analysis included:
·         in-line NAC appliance revenue and out-of-band NAC appliance revenue now account for almost equal portions of the total NAC enforcement appliance market in Q1 2008