Annual Report

State of IT at Modern Workplaces

Download a copy instantly

 

Workplaces have changed dramatically

The workplace as we know it has changed immensely in the wake of the COVID-19 pandemic. While remote work has been gaining popularity for quite some time, the pandemic pushed most workplaces into a non-negotiable remote-first setup.

There was a seismic shift in 2020 when every business needed secure, easy-to-use IT solutions that would go off without a hitch. We wanted to learn more about how today鈥檚 workplaces have been affected by these changes.

Along with Pulse, we surveyed 100 small-to-medium business (SMB) IT leaders to understand their pain points, gather their advice for peers, and learn more about how outsourcing and/or automating their IT has helped them tackle their biggest challenges.

This report will examine which IT trends and solutions are most important to today鈥檚 business owners, what areas are still vulnerable, and what we have collectively learned during this unprecedented time in IT solutions.

 

A snapshot of today's IT management landscape

We aimed to capture a sampling that reflected the reality in which today鈥檚 small-medium businesses exist. The answers you鈥檒l see in this report come from a number of IT professionals鈥攆rom managers to executives鈥攊n businesses that represent each point on the 鈥渟mall to medium sized business鈥 spectrum.

Here鈥檚 a breakdown of our survey respondents.

Location

Titles

Company Size

Outsourced vs. in-house IT management

IT management is a big job. Not only do IT managers have to scope out the best hardware, software, and security solutions for their business, but they also have to troubleshoot issues, manage licences, and (often) act as the sole expert on anything technology-related.

Given how demanding the role is鈥攁nd how essential a well-run IT system is to growing a healthy company鈥攊t may surprise you that so many companies still have a house-run IT department.

In fact, of our survey respondents, 64% of them reported that they manage their IT in-house, while 31% use a combination of in-house and outsourced solutions. Only 5% of respondents reported using a completely outsourced IT solution.

Q: Is your IT staff in-house or outsourced?

 

Workplace security is priority number one

No matter where people are working, be it from home or on-site, workplace security remains a major concern. According to Patrick Kinsella, SVP Engineering and Chief Technology Officer at 1Path, this concern was only accelerated as most workplaces went remote in 2020鈥攁nd for good reason. 鈥淭he cybersecurity landscape changed very quickly,鈥 he says. 鈥淲ith workers moving to uncontrolled networks, the number of fake phishing emails were on the rise as early as April of 2020.鈥

Without the proper security measures in place鈥攁nd the right processes to ensure employees actually follow them鈥攊t can be difficult to trust that a company鈥檚 data will be kept safe.

When we asked our survey respondents which solutions they viewed as most important to their overall workplace security, the feedback we received was very much in line with these concerns.

Q: Which solutions do you view as most important to your overall workplace security?

We also asked our survey respondents where they felt today鈥檚 IT solutions are lacking. Perhaps it鈥檚 no surprise that the very issues they felt were important were also the ones they wanted a better solution to address.

Q: Which of the following IT solutions do you have deployed that you are LEAST satisfied with?

These answers make a lot of sense: having a secure infrastructure in place to support remote work should be priority number one for today鈥檚 workplaces. For those that have implemented these solutions but find them lacking鈥攚ell, what then? How can you be sure anything is secure if the measures you have in place aren鈥檛 cutting it?

Perhaps most interesting of all, 25% of survey respondents that selected email encryption and data loss prevention solutions as most important to overall workplace security also reported that they鈥檙e not satisfied with the solution they have deployed.

Case study: When workplace security goes awry

As all IT leaders know, it鈥檚 never a question of if you鈥檒l get hacked, but when. For Jamion Aden, IT Director and Director of Rural Health Clinics at Cozad Community Health System, it happened in the middle of the night.

Prior to the Cozad Community Health System being targeted by a ransomware attack, Jamion already knew the company鈥檚 existing anti-virus spam filtering could be better. 鈥淲e investigated what we had in place, and the virus definitions we were getting from those solutions weren鈥檛 actually blocking Ryuk attacks,鈥 he says. 鈥淲e had already started recommending to our leadership team that we get something more robust in place.鈥

Unfortunately, hackers beat them to the punch before Jamion could upgrade their anti-virus software, resulting in the aforementioned attack on Cozad Community Health System鈥檚 servers.

While Jamion and his team had a well-planned course of action for such attacks, it still took some time to get things under control, and they didn鈥檛 come out of the attack unscathed. After shutting down all 50 servers, blocking the sub-net, and using a VMWare environment to boot up each server one by one to investigate, Jamion and his team found that 20 servers had been affected and would have to be rebuilt.

As soon as everything was under control, Jamion made a case for switching to two new anti-virus protection providers, one of which uses AI to constantly update its virus definitions. He also implemented 秋葵视频色 for email spam filtering, as the Ryuk attack had been initiated through a phishing email. 鈥淥verall, we wanted to make it foolproof for our end users,鈥 says Jamion. 鈥淲e didn鈥檛 want anyone worrying about what they were clicking on, and we wanted people to feel assured and safe.鈥

Since the upgrade, it鈥檚 been smooth sailing for Jamion and his team. 鈥淲e鈥檝e had zero issues so far,鈥 he says. And though they have the advantage of AI, keeping safe is also a matter of staying informed. 鈥淲e鈥檙e constantly looking for what the next ransomware is going to be,鈥 says Jamion. 鈥淲e also rely on third-party companies to investigate that for us. 秋葵视频色 does a great job of making sure the rules and definitions are up to date, and it catches a ton of stuff that we wouldn鈥檛 have caught on our own.鈥

Overall, this experience was a hard-won lesson for Jamion. Though his team works hard to keep the Cozad Community Health System network safe, there鈥檚 only so much a person can do to protect a company against security threats. The real protection comes from having the right solutions in place that are appropriate for the size and sensitivity of the company and the information it houses.

 

The top IT challenges of 2021

While it鈥檚 true that many are opting to manage their IT in-house, that doesn鈥檛 necessarily mean it鈥檚 going well. In fact, 34% of respondents reported that their biggest challenge to productivity was that they were too understaffed to manage IT well. Another 32% reported that disparate systems were contributing to their productivity challenges.

Q: What is the biggest productivity challenge you face today?

Interestingly, for respondents whose IT is completely outsourced, only 1 in 5 of them said they experienced the challenge of understaffed IT, and they also completely avoided the challenge of not having skilled IT workers in-house.

We also asked our respondents to rank the complexity of a number of IT activities, in order from most to least complex. Here鈥檚 what they said:

Q: Rank the level of complexity from most to least complex involved in managing and governing each of the following:

How companies are addressing their IT challenges

Understanding the IT challenges today鈥檚 businesses are facing is one thing. How they plan to address these challenges is another.

Most survey respondents鈥 action plans are focused on improving operational efficiency (42%) or looking to hire more IT team members to make up for the current skills shortage they鈥檙e experiencing (42%).

Q: What is the company focusing on to improve IT team productivity?

From the experts: IT is an investment, not a line item

Talk to any expert in the MSP world and they鈥檒l tell you something similar: seeing IT as a cost center鈥攔ather than an investment鈥攚ill only make it harder to overcome the challenges your business is facing.

And the challenges are plentiful enough as it is. For Eric Marcus, founder of Marcus Networking, he realized just how challenging IT management could be while working as an IT Director. 鈥淚 was working with a cabling company, a phone system company, router providers鈥 I basically had to have someone for each of the 10 things I needed,鈥 he says.

He found it difficult to rely on so many disparate providers and services just to do his job, and he also found that there was an uncomfortable tendency for each of his vendors to blame 鈥渢he other guys鈥 when something wasn鈥檛 working. 鈥淚t became a blame game,鈥 he says. 鈥溾楾he cabling company would say, 鈥楬ey, it's not our cabling that鈥檚 the problem, it's the phone,鈥 and the phone guy would come out and say, 鈥楾he cabling鈥檚 the problem.鈥欌

Eric鈥檚 wish as a client was one that he came to fulfill on his own when he founded Marcus Networking: to have a place where all IT services would be provided in a streamlined way, under one roof.

While Marcus Networking, and other MSPs like it, have found a huge amount of success in providing clients with a holistic, full-service IT management solution, there tends to still be reticence among some businesses that are struggling with their IT management and are looking for a way to simplify things.

The problem arises when businesses fail to see IT services as an opportunity for future growth. As Patrick Kinsella of 1Path tells it, 鈥淚T is not simply a line item or something that can be cut. Our best customers are organizations that view IT as a utility and as a resource.鈥

Warren Finkel, founder of ACE-IT Solutions, echoes a similar sentiment. 鈥淎 big part of what we do is helping people understand risk, and that productivity in their business means operational efficiency with IT and cyber. We can鈥檛 work with clients who refuse to acknowledge that they could be hacked, or don鈥檛 see the importance in upgrading their software.鈥

The key takeaway here is that for businesses struggling with IT management, it may be time for a shift in perspective. Having IT infrastructure that鈥檚 secure, well-run, and streamlined is a serious undertaking, and much of the time, requires a strategic partnership in order to roll out at scale. Seeing it as something to invest in, rather than a problem you may never outrun, is a way to reframe challenges as opportunities.

 

Employee compliance is a major concern

While most security concerns have increased as workplaces go remote, one stands out as especially pressing: maintaining compliance. How can you ensure that everyone鈥檚 using the systems they should be using to keep your data safe?

Two issues stood out with our respondents when reporting their biggest challenges in maintaining compliance virtually: finding a solution that is automated and easy to use (37%), and employees using their own virtual tools with a lack of governance (36%).

Q: What is the biggest challenge you face in maintaining compliance with a virtual workforce?

And while the majority (69%) of organizations have an email archiving solution in place for compliant communication retention, 26% have no solution in place at all.

Q: Which of the following communications retention solutions do you have in place?

We also found that 42% of respondents are only archiving email communications, without a solution for archiving other virtual communications through apps like Zoom and Microsoft teams.

The case for archiving business records

Archiving communications and business records isn鈥檛 just best practice, it鈥檚 often the law. There are regulatory bodies and legal systems which may require things like invoices, policy statements, client files, communications with members of a supply chain, orders, prospect inquiries, or employee records to be accessed and produced.

While businesses can use simple backup to keep records, this is often an incomplete solution that makes it easy for data to be deleted or modified. It also makes it time-consuming and difficult to search for and produce data.

Employing archiving solutions is a much better option, which can:

  • Index relevant content in as close to real time as possible
  • Ensure that content can鈥檛 be deleted before it is permissible to do so, and can鈥檛 be modified, either intentionally or accidentally
  • Enable robust search capabilities so that legal counsel, senior managers, individual users, and others can search for and find the content they need
  • Enable archived data to be managed in such a way that analytics tools can be used to gain insights

Especially in an age where it鈥檚 harder than ever to ensure that remote employees are using the right tools and following the right protocols, it makes sense to implement a solution that will automate that process and take the burden off of employees to ensure they鈥檙e keeping the company鈥檚 data safe.

 

What happens when data is lost?

It鈥檚 every IT manager鈥檚 worst nightmare: losing data you can鈥檛 recover. No one wants to be at fault when a system failure or security breach compromises company information. Almost two-thirds of our respondents (62%) said that a data loss event would have a moderate to major impact on their business because of lack of recovery solutions or complexity of recovery.

Q: If your cloud solutions (ex. Salesforce, Dropbox, Microsoft) experienced data loss today, how much of an impact would that have on your workforce?

Regardless of the potential for catastrophe, data loss is something that happens. Only 34% of respondents reported that they鈥檇 be able to very quickly recover records in the event of a data loss, while a further 9% said they wouldn鈥檛 be able to recover them at all.

Q: If you experienced data loss with one of your cloud solutions (ex. Salesforce, Dropbox, Microsoft), how quickly would you be able to recover your records?

Case Study: How Cozad Community Health System Dealt with Data Loss

Let鈥檚 revisit Jamion鈥檚 story from earlier in this report. As you may recall, his workplace was targeted by a ransomware attack in the middle of the night, which infected the system through a phishing scam.

Jamion and his team were notified very quickly after the attack took place. Within 15 minutes, a nurse alerted one of Jamion鈥檚 team members that a printer was down, which was the tipoff that something was wrong.

Jamion and his team moved quickly, shutting down all the servers and then booting them up one by one using VMWare to assess any damage done. The biggest concern was protecting patient data, but thankfully, the company鈥檚 electronic medical record system is housed offline, outside of the network.

While patient data was safe, Cozad Community Health System wasn鈥檛 completely out of the woods. Of the 20 servers that were affected and had to be rebuilt, one of them lost three months鈥 worth of data that was ultimately unrecoverable.

While things certainly could have been worse, there was a hard-won lesson for Jamion to learn: 鈥淵ou should always have a backup plan in place,鈥 he says. 鈥淎nd a backup plan to your backup plan.鈥 This means regularly checking that your backup solutions are working and that you also have offsite backups in place. 鈥淵ou can never have too many,鈥 says Jamion.

Now, it鈥檚 more of a priority than ever for Jamion and his team to offer backup solutions to every piece of data housed on network servers.

 

Advice from the front lines

Even with the best laid plans and the strongest and most secure systems in place, things go sideways in the IT world all the time. We鈥檝e gathered feedback from our survey respondents on the top three pieces of advice they can offer to other IT professionals.

Theme one: Find a trusted partner

Many respondents said that finding a single-vendor MSP or trusted technology partner helped them immensely.

Theme two: Finding the right solution takes work

You won鈥檛 arrive at the perfect solution with one try, but with patience, the right documented processes and some testing exercises, you鈥檒l find one that works for you over time.

Theme three: Security is the goal

鈥淪ecure the endpoint鈥. No one wants to deal with lost data. Whatever solution you choose, the goal should always be to prioritize security.

Modern workplaces have changed for good, but with the right tools, today鈥檚 teams can adapt

Changes to security threats, compliance concerns, and a distributed workforce have all contributed to a higher-risk environment for IT professionals to adapt to.

While there are more challenges than ever, there are also more solutions available to help streamline, secure, and strengthen workplaces against the biggest and most prevalent problems facing today鈥檚 team.

One thing is clear: staying informed and finding the right help when you need it can help you go far in bringing your business into the future.