The piece was based on a study conducted by our client in 2007, in which they audited 30 organizations with 500 to 15,000 users, finding endpoint vulnerabilities at every one of them.
In my speaking to Promisec customers, I’ve learned that USB devices alone are a huge vulnerabilities. One business had unauthorized USB devices in 55 percent of its machines, and another had 22 percent of its users on file-sharing networks. In February 2008, Promisec found 32 percent of computers scanned had unauthorized storage devices attached.
Other vulnerabilities include: Peer-to-Peer File Sharing, Antivirus Problems, Outdated Microsoft Service Packs, Missing Security Agents, Unauthorized Remote-Control Software,
Media Files, Unnecessary Modems, Unauthorized or Unsecured Synchronization Software, and Wireless Connectivity.