8 Mosts Commons Securitys Flaws Found by VARs

Solution providers are often the first line of retreat for end users who realize they have a security issue. A recent survey of solution providers by Channel Insider and CompTIA found that several common security ailments are found by solution providers when doing security assessments. The following are the top 8 flaws end-user security flaws found by solution providers.

Fortune 500 enterprises aren’t the only businesses subject to regulatory compliance. Community banks, retailers and health care clinics are all subject to scores of security requirements. 19% of solution providers say they find misreporting on compliance when doing security assessments.

In 1 out of every 5 cases, solution providers say their customers are miscalculating the true cost of recovering and remediating a security incident. Miscalculations lead business owners and executives from making sound budget decisions about security spending.

Security breaches are a matter of when, not if. But one-thirdof solution providers say their clients don’t fully appreciate the severity of security breaches, which leads them to fall short on completely remediating the damage.

No one wants to look stupid, but end users can’t help themselves. In 1 out of 3 engagements, solution providers say their customers misrepresent their true security capabilities, which eventually leads to security compliance shortcomings and, in worse cases, breaches.

Patching is the drudge work of security, but a necessary function. Yet, 35% of solution providers say their clients don’t property deploy patches. Making matters worse, they’ll report patches being deployed without verification. This leaves networks and applications open to dangerous exploitation.

When a security guy is asked how secure his network is, the worst answer he can give is “absolutely secure.” 38% of solution providers say their customers are embellishing security records and posture. Many solution providers say underreporting is often unintentional. But improper reporting means serious security shortcomings are left unaddressed.

Nearly half of solution providers say they’ll find rogue, scareware and unauthorized software on their clients networks while doing security assessments. Rogue software is a serious and growing problem. These apps steal data, slow performance and leave networks open to further exploitation.

68% of solution providers say they find overlooked or unresolved vulnerabilities during security assessments. This problem is often a reflection of end users’ lack of skill and resources to properly address their security needs.

Security shortcomings of end users is a ripe opportunity for solution providers. According to the survey, 65% of solution providers say problems found in security assessments will more than likely lead to new engagements and sales with their clients.