Enterprises waiting months for security updates may cause concern in ‘as a service’ future
Revamping an enterprise’s IT security is never going to be a simple flick of a switch. Yet for more than a quarter of organisations polled by enterprise software provider Kollective, it will take at least a month before vital updates are installed.
The study, which polled 260 IT managers, found that for almost two in five (37%), not installing updates is seen as the biggest security threat this year, with outdated software not being a bigger threat than password vulnerabilities, BYOD, and unsecured USB sticks. 81% of those polled said they were unable to deploy software updates when they first arrived, while more than half (52%) have to wait at least a week.
When it came to the reasons for delayed software and updates, testing was considered the biggest concern, cited by almost 40% of respondents, well ahead of distribution at scale, company policies, and lack of infrastructure.
Yet perhaps the most interesting facet of the report concerns an even larger, looming threat. In January 2020, Windows 7 support will end. This will bring Windows as a Service, from Windows 10, further to the fore.
The report notes concern with the ‘as a service’ model, with a continually repeating cycle of updates. “As ever more applications and IT service providers move to the cloud, continuous updates will rapidly become the new normal,” the report notes. “With this inevitable disruption on the horizon, it’s ever more vital that large organisations and those with distributed workforces invest in a software-defined enterprise content delivery network.”
“Following numerous corporate cyberattacks over the last 12 months, today’s businesses are spending more than ever before on enhancing and improving their security systems,” said Dan Vetras, CEO of Kollective. “But this investment is waste if they aren’t keeping their systems up-to-date.
“While it’s obviously important for IT teams to spend time testing new software and updates before rolling them out, our research has found that many of the delays in software distribution aren’t because of testing, but rather a lack of infrastructure,” added Vetras. “Poorly constructed networks mean that even those companies that have made a significant investment in security software are still leaving their organisations vulnerable to attack.
“With a growing number of applications being left out of date, today’s businesses are creating their own backdoors for hackers, botnets and malware to attack.”
You can find out more by downloading the report here (email required).
- » Tablet sales continue to decline – but hope abounds for refreshed Surface and iPad Pros
- » The real deal on cybercrime, breach timelines, and mounting a proactive defence
- » How EMEA CIOs are taking the lead in digital initiatives: AI 'becoming mainstream'
- » Get to grips with DevSecOps – and address security flaws much more quickly
- » Enterprise mobility management is more than just hype – and those still missing out need to start now