Twice a year, JumpCloud commissions a survey of IT professionals working at small and medium-sized enterprises (SMEs). These surveys examine pressing current matters like the security landscape, emerging technologies, job outlook, and more.
JumpCloud’s latest report was released on July 16. It surveyed 612 IT decision-makers in the U.K. and U.S. to get a read on the SME IT market, both today and where IT professionals think it’s headed in the future. It explored topics like security, AI, MSP use, and others. This blog will cover the major findings and trends from the report. Download the full report for a deeper dive.
Note: All data and statistics cited in this article are sourced from JumpCloud’s 2024 IT Trends Report.
Cybersecurity Still Looms Large
We couldn’t get a full picture of SME IT without digging into security. Cybersecurity is a factor that plagues large and small businesses alike, although it presents particular challenges for SMEs. IT professionals working at SMEs have consistently named cybersecurity as their number one concern.
Fortunately, SMEs seem invested in supporting IT teams as they work to protect their organizations. Eighty-two percent of IT professionals say that management respects their counsel and recommendations, and 70% expect to see IT budget increase. They see these investments as mission-critical: 71% say any security-related budget cuts would increase their risk.
While SMEs continue to invest in security, it may not be enough for some. Half (50%) of the survey respondents are more concerned about their organization’s security than they were six months ago. Unfortunately, these worries aren’t unfounded: nearly half (45%) of respondents’ organizations fell victim to a cybersecurity attack in the first half of 2024.
Where Are the Security Threats Coming From?
Emerging technologies may be partially to blame for this rise in security risk. For example, 61% of IT professionals agreed that AI is outpacing their organization’s ability to protect against threats. (We explore other ways AI is affecting SMEs later in this blog).
In addition, IT teams seem to struggle to control IT sprawl. Nearly half (45%) of SMEs require five to 10 tools to manage the worker lifecycle even though 84% would prefer to do so with only one.
Tracking everything in an IT environment is harder when it isn’t centralized; when architectures sprawl, shadow IT tends to naturally crop up. In fact, 84% of SMEs are concerned about shadow IT, and it was the cause of 37% of the breaches SMEs have experienced so far this year.
IT sprawl and shadow IT decrease visibility and control. This makes environments easier to infiltrate while hampering IT’s ability to detect or respond to threats.
In addition to concerns about their own environments, SME IT professionals are also keeping a close eye on their managed service providers’ (MSPs’) security. Security is considered to be the biggest return MSPs can drive, yet 39% of IT professionals are concerned with the way MSPs handle their security.
Finally, these risks are compounded by the common SME struggle to secure sufficient resources. About half (49%) of IT professionals say that despite their best efforts, they lack the resources and staffing to secure the organization against cybersecurity threats.
Devices and Authentication Methods Are Diversifying
Shadow IT isn’t the only way SME IT environments are diversifying. In general, SME device environments are becoming less homogeneous. This is because flexibility and support have become key to both the admin and user experiences.
Today, the average device landscape in an SME is made up of 24% macOS devices, 18% Linux devices, and 63% Windows devices.
As mentioned above, IT architectures are diversifying as well. Employees require a large number of tools to do their work: Over a quarter (28%) require 11 or more tools to manage the worker lifecycle, and 17% of employees have to manage 10 or more passwords. This increase in tools and credentials naturally opens the door to credential-based cybersecurity attacks like phishing. In fact, phishing was the number one attack vector for SMEs that experienced an attack this year.
Fortunately, IT teams are investing in stronger authentication methods, like biometrics. Sixty-seven percent of IT teams agree that their organization’s security posture would be stronger if biometrics were required. Biometrics adoption is steady with 66% of SMEs requiring it.
Despite strides with biometrics, divorcing from the password seems to be a far-off reality. While the industry pushes for passwordless authentication, 95% of respondents use passwords to secure at least some IT resources.
AI Spurs Change (Both Good and Bad)
The data confirms that AI is becoming an unavoidable aspect of the SME’s future. Over 90% of SMEs have plans to implement AI. IT teams are generally hopeful about its adoption. Eighty-four percent say their organizations should be investing in AI. Seventy-seven percent see it as a net positive for their organization.
AI’s emergence into the business world seems to be a bit more tempered than many expected. For example, 22% of IT professionals say the impact of AI is much lower than they thought, and 35% say the potential impact of AI is the same but it’s moving slower than they thought it would. Despite their surprise, however, 60% say their organization is adopting AI at exactly the right speed.
Finally, while job security is still a concern, the percentage of IT professionals worried about AI’s impact on their jobs has decreased from 45% in Q1 2024 to 35% in Q3 2024. The most common worry around AI seems to be security.
SMEs Look to Optimize MSP Relationships
The steadfast relationship between managed service providers (MSPs) and SMEs continues. However, there are also signs that SMEs are starting to expect more from their MSPs.
MSPs remain a critical tool for SMEs, and investment is expected to increase. Seventy-six percent of SMEs rely on an MSP for at least some functions, and 67% plan to increase their investment over the next 12 months. Why? SMEs report improvements in security and efficiency as the biggest return.
Not all IT teams are eager to work with MSPs, though. About a quarter (24%) of SMEs don’t use MSPs. Nearly half of them (47%) say it’s because they prefer to handle IT themselves, and 39% say it’s because MSPs are too expensive. Of the SMEs who have cut ties with MSPs, cost was the most common reason (28%), followed by outgrowing the MSP’s service offerings (26%), moving IT internally (24%), and a bad customer service or sales team experience (23%).
To be successful, MSPs should keep an eye on security, costs, scale, and customer experience.
Get the Full Report
These statistics and trends here were just a few of those presented in the July 2024 edition of JumpCloud’s biannual report. In addition to diving deeper into the data discussed here, the report covers topics like the SME IT job outlook, specific attack vectors, and how larger macroeconomic and political trends are affecting SMEs. Download the full report.