IT Operations Survey: Security Takes Precedence
Click here to learn more about IT operations and security.
Join the DZone community and get the full member experience.Join For Free
It is little to no surprise that mid-market IT professionals worry more about security than any other issue. And these IT pros are taking action to protect their networks, safeguarding against ransomware and other scourges.
The 2018 Kaseya IT Operations Benchmark Survey done annually, surveys a wide swath of small and midsize businesses (MMEs) — or organizations with up to 5,000 employees. We find that the needs of MMEs are, in many ways, distinct from Global 2000 enterprises.
This year, we surveyed some 1,300 MMEs. To download the full report, click here.
Security Bigger Issue Than Reducing IT Costs
Ransomware made headlines all last year. Scourges like this raised security awareness, even amongst the CEO and top management, and prompted IT action. Even more motivating are the breaches MMEs are hit with. In the last five years, one third of MMEs surveyed were hit by a breach, and one in 10 within the last year. Each breach is a crisis. The Ponemon Institute Cost of a Data Breach Study 2018 found that “the average cost of a data breach per compromised record was $148, and it took organizations 196 days, on average, to detect a breach. Overall, we found that the total cost, per-capita cost and average size of a data breach (by number of records lost or stolen) have all increased year over year,” the study said.
It is little surprise that over half, or 54 percent, of respondents said security is their biggest concern. Next year will even more dramatic, as looking ahead to 2019, some 60 percent of respondents anticipate security to be their primary concern in the coming year.
Coming in second was reducing IT costs, cited by 31 percent of respondents. In an area related to security, 28 percent said compliance; both reporting and meeting the rules was a top priority.
Because of the threats and the damage done, MME IT has made securing the network and protecting it from outages as a top strategy – as an almost singular priority.
Of those hit by hackers, nearly half were victims of ransomware. Moreover, 22 percent (more than 1 in 5) of respondents were hit by these attacks in the last year. And of those hit with a breach, ransomware was the culprit in 44 percent of these cases.
The answer is having layered security so that ransomware attacks are thwarted. Having vulnerability management across Windows, Mac, and third-party applications is the differentiator, as those with layered protection experienced fewer security breaches.
Better Security Works
MME shops that take security seriously are reaping results. Overall, the news is good for best-of-breed MME IT shops that use layered security and modern vulnerability management. The 2018 survey finds that MMEs are heeding the warnings and understand the importance of a stringent security strategy. In fact, 65 percent of respondents have not experienced a single security breach in the past five years.
The Vulnerability Management Imperative
One way to block most attacks, including ransomware, is vulnerability management using a layered approach. Part of this is OS patching, which 81 percent of MMEs do regularly. A bit more than half, or 52 percent, monitor third-party software announcements and apply patches for critical issues within 30 days of release. Among those with no outages lasting longer than 5 minutes this past year, the main reason is monitoring third-party applications.
Layered works. Respondents with no outages in the past year have, on average, almost three solutions in place, while the average among all respondents is closer to two. When it comes to security layers, more is better.
Endpoint Auditing Vital for Complete Protection
IT pros know you cannot manage what you do not know you have. Nor can you protect endpoints from malware and cybercrime unless you have some sort of inventory, and an understanding of exactly what is on these devices in terms of operating systems, updates, and applications — including Shadow IT.
Eighty-four percent of MME respondents audit endpoints as part of their asset management processes. Of those, 68 percent track operating system information, 64 percent track installed software, and almost half track software licensing data (48 percent).
Opinions expressed by DZone contributors are their own.