Share This Article
Security remains a thorny issue for small- to medium-sized enterprises (SMEs), consistently topping the list of challenges for IT professionals in JumpCloud’s biannual SME IT Trends survey. In our latest edition, IT pros shared their real-world experiences and strategies around security, among other pressing topics. This blog will dive into those insights to reveal how SMEs are tackling the security landscape today.
Unless otherwise stated, all data cited in this article are from JumpCloud’s latest SME IT Trends Report. Download your copy of the report today!
Security Is SMEs’ Top Challenge
When asked about their top challenges, 60% of SME IT professionals said security, followed distantly by new service and application rollouts (42%), the cost of solutions necessary to enable remote work (41%), and device management (39%). What’s more, half of IT teams reported being more concerned about their organization’s security posture than they were six months ago.
What makes up these challenges? IT professionals put network attacks (40%), software vulnerability exploits, ransomware, and shadow IT (29%) at the top of their lists of security concerns.
Shadow IT: A Growing Threat
Shadow IT presents significant risk to SMEs, and the threat is on the rise: shadow IT usage has increased by 59% since the remote work boom. 84% of SME IT professionals expressed concern about shadow IT; however, many of them aren’t able to adequately address it. When asked what has prevented them from addressing shadow IT, the most popular answer was that they had other more pressing priorities.
Security — not to mention IT as a whole — has many moving parts. Lean teams find themselves hard-pressed to address all of them. But as shadow IT looms — and with it emerge new shadow IT vectors, like “shadow AI” — SMEs may want to consider moving shadow IT up on their priority list.
The Importance of Centralized Resource Management
Another element that affects SME security is their ability to centrally manage resources. Centralized IT management provides full visibility and control over the IT environment. This is key to preventing threats like shadow IT and eliminating blind spots. About half (49%) of SMEs have built a centrally managed environment where all employee accounts are managed centrally with permissions and security measures controlled by IT.
While this leaves another half with at least some accounts going unmanaged, the majority (84%) of IT professionals would prefer a single platform to manage user identity, access, and security over a mix of best-in-class point solutions. This suggests that, given their way, IT teams will be moving toward more consolidated infrastructure in the future. Fortunately, it seems that executives generally support their IT staff’s recommendations — read on to learn how executives are supporting their IT teams below.
How Are SMEs Rising to Meet the Challenge?
In the face of pressing challenges, SMEs display resilience and a willingness to adapt. The following are some of the ways SMEs are working to combat the security threats they face.
Investing in IT Staff
SMEs continue to invest in security and support their IT staff. Over eight in 10 SMEs (84%) have an IT security expert on staff, and 82% of IT professionals at SMEs say that management respects their counsel and recommendations around IT operations.
These numbers suggest that SMEs acknowledge the critical role of IT security in their operations and are actively fostering a supportive environment for their IT teams. Trusting in expert analysis and recommendations puts SMEs in a good position to invest in the best security tools, processes, and practices for their business. This is critical to staying protected and competitive.
Financial Preparedness
They say the best security programs plan for when — not if — an attack occurs. And it seems that attacks are more than a distant possibility for SMEs: nearly half (45%) of them fell victim to a cybersecurity attack in the first half of 2024.
SMEs seem to be embracing preparedness when it comes to attacks. The majority (73%) report that they are financially equipped to recover from such incidents. This indicates that they are taking a well-rounded approach to managing cyber risks, not only by investing in technology and expertise but also by ensuring they have the necessary funds to deal with the aftermath of an attack.
Stronger Authentication Practices
SMEs are increasingly focusing on improving security through better authentication practices. Currently, 66% of SMEs require biometric authentication, and 67% of IT professionals think that requiring biometrics would make their organization’s security stronger.
Despite strong biometric adoption, the vast majority (95%) of SMEs continue to rely on passwords, and only 26% of SME employees can access all of their IT resources with just one or two passwords. While passwordless authentication presents stronger security than password-based authentication, it seems that passwordless is a long way off from becoming a reality for SMEs. Single-sign on (SSO), however, may act as a stepping stone by improving authentication security while requiring less frequent password input.
Learn More About SMEs
Security may be a tall mountain to climb, but there are many other issues facing SMEs today as well. JumpCloud’s latest SME IT Trends Report dives into how SMEs are approaching AI, vendor contracts, upcoming elections, and more. Download the full free report to learn how other SMEs are navigating today’s evolving world.
