Education sector among worst offenders for out of patch IT systems

The education sector is one of the worst offenders for out of patch IT systems, with the average Windows 10 patch age standing at 188 days, according to new research from Absolute Software.

Education landed at second spot for the most out of date patch, behind government and ahead of healthcare.

More than 80 percent of devices analysed use the Microsoft® Windows® OS, with the large majority on Windows 10 – and within that device population, there are 14 different versions and more than 800 builds and patches to manage.Absolute’s telemetry data also shows there are 67 applications installed on the average enterprise device, with 10 percent of those devices having more than 100 applications installed.

While many of these tools enable employees to be productive, they also contribute to increased complexity. This complexity can create conflict among applications; impede the patching and maintenance of devices and applications, especially if those devices are remote; and lead to software failing or going offline over time.

Inthis report, Absolute looks at common security applications deployed for hybrid workers andassessedthe health ofleadingvendors within the categories of:Endpoint Protection (EPP), Endpoint Detection and Response (EDR), and secure access. Thedata shows seven of the 10 apps analysed across these categories were installed and healthy on less than 80 percent of devices, on average–and in some cases, as low as 47 percent. When self-healing capabilities viaAbsolute Application Resilience™ were enabled, application health and efficacy rates across these same vendors increased significantly, as much as 52 percentage points.

“Security that is not installed or working effectively cannot protect you,” said Christy Wyatt, President and CEO of Absolute Software. “The criticality of these security controls, especially among remote and hybrid workers cannot be overstated and the ability to keep them healthy is often oversimplified. Even market-leading, world-class software requires repairing for many reasons: changing in the environment around it, or new forms of risk introduced by adversaries or even by the use. By applying intelligence and automation to heal them, we can remediate the risk, restore the user experience, and ensure compliance.”

The work-from-anywhere model is exacerbating the strain on IT and security teams – compounding existing device health and security challenges with a broad mix of networks, hardware, OS versions, and patches. More than 80 percent of devices analysed use the Microsoft® Windows® OS, with the large majority on Windows 10 – and within that device population, there are 14 different versions and more than 800 builds and patches to manage. Absolute’s telemetry data also shows there are 67 applications installed on the average enterprise device, with 10 percent of those devices having more than 100 applications installed.

Other key insights from the ‘2023 Resilience Index’ include:

Distributed, highly mobile users compound complexity: The average number of enterprise device locations across Absolute customers has grown 15 percent year-over-year, with an average of four locations per device observed in February 2023.

Hybrid working means heavy reliance on third-party networks: In hybrid work models, critical applications like Virtual Private Networks (VPNs) and Zero Trust Network Access (ZTNA) need to be deployed, installed, and up to date. However, Absolute data shows this critical tool is either not installed or is not at the required version level on more than 30 percent of devices.

Read the full ‘2023 Resilience Index’ here.To learn more about Absolute Software and the company’s intelligent, self-healing security solutions, visit here.