Dimension Data announced the results of its Network Barometer Report for 2011. The findings of the report have been taken from 270 “Technology Lifecycle Management” (TLM) assessments of enterprise organizations.
The annual Dimension Data report gauges the readiness of organizations’ networks to support business by evaluating adherence to best practices, potential security vulnerabilities and the end-of-life status of network devices.
Key findings from the 2011 report are:
- More than 73% of corporate network devices had at least one known security vulnerability, nearly double the 38% recorded in last year’s report.
- A single, higher-risk vulnerability identified by Cisco’s PSIRT* (Product Security Incident Response Team) in September 2009 – PSIRT 109444 – was found in a staggering 66% of all devices, and was responsible for this jump.
- With PSIRT 109444 removed from the equation, the next four vulnerabilities were found in less than 20% of all devices, indicating that organizations are stepping up remediation efforts.
- 47% of devices were in late stage obsolescence – characterized as “beyond end-of-contract renewal” – which is the highest risk phase of the product lifecycle. At this point, organizations can no longer purchase additional support and are less likely to have access to the latest vendor-supplied security patches, leaving them vulnerable to security breaches and compliance violations.
- The average number of configuration violations per device has decreased by 30%; however, AAA (authentication, authorization and accounting) errors continue to dominate.
- A fall in the total number of configuration issues per device indicates that there has been progress in organisations’ response to configuration errors.
- Despite some improvement, potential security violations still represent the single largest block of configuration errors.
- Technology obsolescence is running at 38% of organisations’ installed asset base – little change in the past 3 years
- The percentage of devices in late stage end-of-life dropped from 58% last year to 47% this year, and those beyond LDoS dropped from 31% last year to 9%. This suggests that organisation are managing their network assets in a much more effective manner and refreshing those devices where the risk is greatest.
- An increase in technology obsolescence in the cases of repeat assessments also suggests that organisations are using an overall understanding of their technology estate to ‘sweat assets’ intelligently.
“The Network Barometer Report 2011 raises the question of whether organizations have the necessary visibility into their overall technology environment to adequately protect customer data, privacy and sensitive business information, and to intelligently manage and ‘sweat’ IT assets,” said Wesley Johnston, chief operating officer, Dimension Data Americas.
“Previous research that we’ve conducted – unrelated to the Network Barometer Report – supports this concern, revealing that companies are unaware of as much as 25% of their networking devices. Organizations need a full view of every device on the network – including where it is, what it does and what the implications are when it breaks or becomes unsupportable – in order to protect themselves and their customers and ensure business productivity and efficiency,” stated Johnston.
The Dimension Data Network Barometer Report can be downloaded here