Out of the 1,200 security and IT professionals surveyed by Forrester, less than half said they consider employee-owned laptops as part of their endpoint security strategy. That number was even lower for employee-owned mobile devices. Yet the overwhelming majority of respondents — 84 percent — said their companies allow employees to access company data from personal laptops, smartphones, and tablets.
A similar disconnect emerged with regard to APIs, which frequently serve as access points to company data. Ninety-seven percent of respondents said they’re concerned about API security, but only 44 percent said their endpoint security strategies take APIs into account.
Asked whether their companies
excel at monitoring endpoints for
malicious activity, only 32
percent answered in the
Since many respondents’ security strategies seem to overlook nontraditional but increasingly common endpoints, it’s not surprising that only 35 percent believe their organization is very effective at managing access to enterprise assets.
What’s the way forward for business and IT leaders who lack confidence in their current approach to endpoint security?
Forrester recommends working with cloud service providers to help protect and monitor diverse endpoint environments. Cloud providers are in a unique position to help take measures such as forcing user interaction with data through a more secure API and rolling out updates across the entire endpoint security stack.
To find out more about how nontraditional endpoints are changing the security equation for today’s businesses, access the complete Forrester Consulting report.