Keeping Windows up to date with the latest fixes is a major challenge for enterprise IT teams and can leave endpoints vulnerable, according to a new report.
The study from systems management company Adaptiva reveals that 59 percent of companies take up to a month or longer to complete Windows OS updates.
In addition, 48 percent of respondents say that third-party patching is also difficult to accomplish company-wide. 32 percent of respondents identify keeping up with 'the pace of policy changes to defend against newly discovered vulnerabilities or cyberattack methods' as the most difficult ongoing challenge that IT teams address.
"Breaches are occurring unnecessarily, teams are overwhelmed, and it's been nearly impossible for enterprises to keep up with changes in security policies," says Jim Souders, chief executive officer at Adaptiva. "With the Windows 10 migration, the situation becomes even more serious. If companies can't find ways to successfully automate security for Windows 10 and other third-party applications, they’re putting their systems at risk."
Lack of resources is a key problem. 55 percent of respondents believe that security policy compliance needs to be checked at least daily on every endpoint company-wide (10 percent think it should be checked hourly), but many companies lack the teams and tools to do security configuration management properly.
Fixing systems that are out of compliance with security policy is the most time-consuming endpoint security configuration management task that respondents undertake. Yet they lack the time needed to produce the automations required to identify and fix non-compliant endpoints. 45 percent of respondents say they lack the time to write automations at all, and 46 percent can only produce a fraction of those needed.
Lack of expertise is a problem too, with nearly a third of staff lacking the necessary skills to write their own automations. Another area of concern is that 38 percent of respondents say delivery of security software and updates over low-bandwidth connections is not reliable, making it difficult for enterprises to determine if updates even reach endpoints.
You can find out more in the full survey results which are available from the Adaptiva website.