There are many factors that increase the risk for companies. The downstream security risks are the storage of sensitive data and the increasing mobility of the workforce. Unfortunately, these factors are very difficult to get a handle on and are related to the modern type of work that is taking place today.
The increasing number of vulnerabilities in IT end devices used in companies is certainly one of the biggest drivers for the growing cyber risk, as it increases the attack surface for companies. This is a fairly obvious link to cyberattack potential.
Increased attack surface
Although every endpoint is a potential target for cybercriminals, those that contain sensitive data such as personal identification information or health data pose an even greater threat. If a device containing such information is compromised, the potential damage to the organization is multiplied many times over. How big is this problem? One might think that this information is limited to a limited number of devices. Unfortunately, this assumption is incorrect. Due to the fact that today's workforce is widely dispersed, mobile workers are constantly accessing different databases containing sensitive information from different locations and networks. This increases the likelihood that employees will save data locally, on the end device itself. This locally stored sensitive data increases the potential attack surface.
Sensitive data
Absolute Software's analysis found that, on average, more than three-quarters (76 percent) of corporate devices contained sensitive data. The financial services industry, perhaps unsurprisingly, had the highest percentage of devices storing sensitive data (84 percent). A notable finding was that the percentage of devices with sensitive data increases with the number of users. The number of users is graded from level 1 (7.000+ users) down to level 5 (10-99 users). While 78 percent of Tier 5 enterprise devices contained sensitive data, only 1 percent of Tier 52 enterprise endpoints did. This could indicate that companies with a smaller number of employees find it more difficult to limit the spread of sensitive data. The data also showed that a lower percentage of devices in North America contained sensitive data than in EMEA or APJ, although in many cases these regions have stricter compliance requirements.
Advertising
Subscribe to our newsletter now
Read the best news from B2B CYBER SECURITY once a month
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our
Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.
CleverReach
This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at:
https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time.
You may object to the storage if your interests outweigh our legitimate interest.
For more information, see the privacy policy of CleverReach at:
https://www.cleverreach.com/de/datenschutz/.
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Highly mobile users increase the risk
The risk of sensitive data on devices is exacerbated by the rise of highly mobile device users. When a device is used in multiple locations and connects from multiple networks (outside the sealed home/office network), the risk of an attacker gaining unauthorized access increases significantly. Absolute analysis found that in the Professional services, government, and retail were the most mobile industries, connecting on average from more than four different locations in August 2022. However, with the exception of education, all industries surveyed had devices connecting from more than three locations per day This may not come as a surprise given that today's workforce is mobile by nature, but when combined with the numbers from the Sensitive Data Analysis above, it becomes clear that corporate endpoints are at increased risk of compromise Analysis by Absolute also found that devices in EMEA and APJ frommore locations are connected from North America than LATAM.
More at Absolute.com
About Absolute Software
Absolute Software accelerates its customers' transition to remote working with the industry's first self-healing Zero Trust platform that ensures maximum security and uncompromised productivity. Absolute is the only solution embedded in more than half a billion devices providing an always-on digital connection.
Matching articles on the topic
