Widespread confusion about the installation of endpoint security on enterprise client PCs is leaving firms vulnerable to malware, malicious code and destructive spam, industry experts warned today.

Endpoint security systems, defined by IDC as centrally managed client security offerings, are a relatively new concept and, as such, are causing confusion to many companies, according to the analyst firm.

A newly published IDC report found that most enterprises admitted to having trouble agreeing even what endpoint security actually means.

Despite this confusion, the poll of 304 IT professionals and line-of-business managers found that IT managers are gearing up to deploy endpoint security in ever increasing numbers.

"The complexity of the problem has profound and far reaching effects throughout an organisation," said Allan Carey, manager of IDC's Security and Business Continuity Services programme.

"Enterprise senior management, as well as IT and business unit leaders, must see the big picture to address concerns about security, mobile device use, employee productivity, remote access, and centralised access control."

The IDC research also revealed that the number of wireless email devices and mobile phones accessing the enterprise network is growing at an "astounding rate ", while Cisco and Symantec are viewed by respondents as the leading endpoint security vendors.

Of the 64 per cent of respondents claiming to have endpoint security solutions in place, 88 per cent stated that their systems are 'somewhat' or 'very' effective.