SHARE THIS REPORT
Intermedia’s 2016 IT Confidence Index surveyed 350 US-based IT decision makers (ITDMs) to understand the state of IT and pinpoint the biggest challenges they currently face. The Index asked respondents to rate their level of confidence on a scale of 0 to 10, where zero represents “not confident at all” and 10 represents “extremely confident.” Respondents were grouped based on their scores:
The overall IT Confidence Score generated from the study was a 7.2 out of 10. And when asked about their team’s ability to protect their organization from various IT risks, IT scored their confidence level at a 6.7 out of 10.
For our inaugural Index, we wanted to statistically measure the biggest concerns IT decision makers face across their job functions. This data clearly reveals how concerned IT teams are about their ability to effectively protect their organizations. I believe as cloud adoption increases, confidence will also increase, and it will be interesting to see if that theory bears out in future studies.Jonathan Levine
CTO, Intermedia
The following are some of the key findings (the full report is available for download below).
We consider scores below a 7.0 extremely worrisome, representing a vote of no confidence (a “neutral” or “I don’t know” is not confidence-instilling). Imagine if you were boarding an airplane and you asked the pilot how confident he or she was in the plane’s airworthiness. If the pilot responded, “Oh, I’d give it about a 7.0,” would you get on that flight?
Given the maturity of information technology, ongoing innovation, the amount of money companies spend on IT, and the mission-critical role technology plays in every type of business today, an overall confidence score of 7.2 in our view indicates a low level of confidence. It should raise serious concerns among company leaders, employees and IT teams who are, at best, no getting the most out of their IT systems and at worst are potentially exposed to unnecessary risks.
The relatively low score should also stir fear in the IT vendors and service providers selling information systems to these organizations. On one hand, it may indicate that their offerings are not living up to their promises or that growing complexity is making it difficult for IT teams to manage their various systems effectively. On the other hand, it represents an opportunity for vendors and service providers who are well-positioned to alleviate IT pros’ concerns and raise their confidence.
Scores of 4.0 or below indicate imminent IT problems that require immediate response. In general, we’d expect to see very few scores dip that low except in rare circumstances.
When asked about their organizations’ ability to prevent, withstand or stop various IT security risks, IT pros gave a Confidence Score of 6.7 – crossing below the minimum confidence threshold. This means that IT pros lack confidence in their ability to protect organizations from the constant barrage of threats they face. Ransomware, botnets and DDoS attacks are among IT pros’ biggest concerns, but security threats as a whole serve as a constant worry.
And IT pros at smaller companies expressed significantly greater uncertainty about their ability to protect their organization than those at larger ones. This, of course, makes sense because smaller companies tend to have smaller IT budgets and teams. These smaller companies make up a large portion of our economy, yet are typically softer targets for breaches that can cause wider scale problems.
Confidence levels in the ability to prevent, withstand or stop various IT security risks, by company size and threat:
But do these concerns correlate to occurrences of security instances within the workplace? 15% of IT professionals indicated that a “significant” security breach occurred within their organization within the past 12 months. Approximately one-fifth reported a security compromise at their company due to a phishing attack.
Each one of these breaches comes with a cost to the company, but the impact can go well beyond the company itself – extending to partners and even consumers. Yet, despite years of rising threats and tech innovation, IT teams still lack confidence in their ability to combat today’s evolving security threats, which means businesses are likely at greater risk than they might think.
As this Index signifies, companies are feeling the fallout of phishing and malware, which can lead to data loss and ransomware attacks (causing businesses to be taken offline for days unless they decide to cough up the ransom.) These continually growing threats have shaken the confidence of IT as they work to keep their organizations’ protected. Education is the first step to combatting cyber threats. Equally important, however, is putting the tools in place to protect company data, including having access to clean versions of infected files in the event of a ransomware attack so businesses can remain up and running as usual.Richard Walters
SVP of Security Products, Intermedia
Security is not purely about technology: user education is also key. Unfortunately, employee education remains subpar, creating even more vulnerabilities across companies.
To better equip employees from falling victim to cyber-attacks, many companies do offer interactive IT security training. It’s the smaller companies, again, that are falling behind.
While the larger companies are doing better at conducting recurring trainings, every 6 months is inadequate. Security training needs to be a frequent practice. Every few months, we send a reminder email tied to timely events – for example, talking about the risks of password reuse when a big data breach is in the news. We also do our Hacktober event throughout the month of October where we simulate security incidents to help employees detect and prevent cyber-attacks in a fun and interactive way. What we’ve found over the years is that the percentage of employees falling victim goes down dramatically with each internal attempt. In addition to educating our employees, these hacks provide valuable and meaningful insight into changes and updates that are necessary in our security practices.Ryan Barrett
VP of Security and Privacy, Intermedia
Offering frequent interactive training might be an achievable goal for larger companies, but we know this could present a challenge to smaller organizations. We see this as a prime opportunity for these smaller companies to engage with outside IT consultants/vendors who offer comprehensive security training programs as part of their professional services portfolio.
Providing cybersecurity training is a fantastic opportunity for partners to deliver an additional value-add to their customers. MSPs should consider partnering with one of the leading phishing services companies to offer interactive security trainings as a service to their customers. It’s something MSPs should be advising their customers on just as anything else.Eric Martorano
SVP of Worldwide Sales, Intermedia
The ability of IT teams to consistently and reliably deliver general IT services to their organization received an IT Confidence Score of 8.2. This category received the highest level of confidence among the areas measured. Despite the challenges IT teams face, this score indicates IT teams are fairly confident in their own abilities. Still, there’s a stark difference in confidence between IT teams at smaller companies and IT teams at medium to large companies:
But how do these variances in confidence equate to their cloud usage? On average, respondents indicated that they are running the majority (56%) of their IT applications in the cloud, with 37% expecting to use more cloud-based applications over the next 6 months. As a company's size increased, the overall percentage of their cloud usage did as well.
These smaller companies also had the fewest number of IT applications running in the cloud (46%), while companies with 500+ employees were running more than two-thirds (69%) of their IT applications in the cloud.
IT Confidence Index findings confirm that it’s the smaller companies that are struggling the most with their cloud transition. Fewer than half of the apps SMBs use today are cloud-based. Simultaneously, SMBs expressed the least amount of confidence in keeping their organizations secure. This combination presents MSPs with a big opportunity to help serve small- and medium-sized businesses looking to transition to the cloud, but can’t afford to run IT on their own.Eric Martorano
SVP of Worldwide Sales, Intermedia
When we asked IT pros if they felt confident that their company was spending enough on infrastructure (defined as server, storage and network components, but not including software), they gave the lowest score of all four categories – an IT Confidence Score of 6.5.
This data shows me that ITDMs understand the level of investment that they would have to make in order to adequately run their own infrastructure. Companies with 500 users and below find it difficult to invest in what is needed to create a redundant and reliable infrastructure. That fact could shake the confidence of anyone running on-prem environments.Jonathan McCormick
COO, Intermedia
While ITDMs are not very confident in the amount they are spending on IT Infrastructure, only a minority are investing more today than they were a year ago:
Compared to a year ago, the majority of IT professionals (59%) said that their company was investing about the same in IT infrastructure to support the overall current and future needs of the business, while only 39% said that their company was investing more.
When respondents said their company would be increasing spending, they expected investments to go primarily toward security applications and systems.
Correlate these IT Infrastructure findings with the lack of expressed confidence in combating security risks and the potential impact to businesses gets even scarier. IT Infrastructure and Security are the lowest ranking confidence categories measured. Technology is advancing, as are the expectations around availability and the need to continually improve security positioning. Everyone is focused on getting more efficient and trying to do more with less. If ITDMs truly feel like they are not investing enough in their infrastructure to help guarantee that it remains secure and highly available, then they should be looking to consume these IT needs as cloud services from larger service providers that are committed to making these investments on their behalf.Jonathan McCormick
COO, Intermedia
IT pros expressed modest confidence in their ability to hire and maintain a skilled IT workforce—receiving an IT Confidence Score of 7.4 (slightly above the overall 2016 Index average). Roughly one-third of respondents said they felt more confident now than they did last year.
Competition for top talent remains fierce. When asked if they felt set up for success with a skilled workforce, 32% of all respondents agreed with the statement: “My organization gives me everything I need to be successful.”
IT pros at larger companies expressed greater confidence that their needs were being met:
According to the report, 64% of survey respondents said that their company uses IT consultants and/or MSPs. This is consistent with CompTIA’s research that indicates 65-75% of IT purchases are influenced by the channel.
IT consultants are trusted advisors, scoring high marks for the assistance they provide:
However, 33% of IT professionals think that IT consultants are too hardware focused, and 24% think that IT consultants don’t put enough emphasis on cloud solutions.
Companies in need of more than just advice are turning to MSPs for help. We have found that a large number of ITDMs look to IT consultants to assist with moving their businesses to the cloud. IT consultants should be taking advantage of the strong reputations they have already built. By building out a managed services practice, IT consultants can create more value for ITDMs while continuing to be known as the strategic advisor they’ve always been considered. As the report findings show, ITDMs are looking for cloud experts, specifically in the areas of ransomware and compliance regulations. Being that trusted advisor and building a cloud business is a great opportunity for these partners to fill a market need.Eric Martorano
SVP of Worldwide Sales, Intermedia
What it does. This two-in-one app offers both file backup and file sharing & syncing, while giving business managers full control over access and a full audit trail.
How it helps. SecuriSync improves user security practices in many different ways.
What it does. This service stores passwords on a user’s behalf and provides a single portal for easy access to all their web apps. It logs them in with just one click.
How it helps. AppID lets you connect employee credentials to third-party web apps via Active Directory, enabling you to prevent ex-employee access by disabling their logins with a single click.
AppID also prevents insecure password practices because users simply don’t have to remember passwords.
What it does. AppID Enterprise’s patented App Shaping technology enables admins to set policies that determine exactly which pages or elements within any web app users can access or see. For example, you can remove or grey out exporting functionality; hide or redact sensitive data; define access to features based on user role; and restrict access to ANY element within a web app.
How it helps. This technology helps prevent unauthorized access and data breaches by ensuring that only authorized users are allowed to access sensitive data or perform certain tasks within the web app.
What it does. AppID Enterprise gives you a detailed audit trail of all user interaction with any web app—from login to logout and everything in between, including screenshots. You can configure auditing levels for both individual users and applications as well as groups of users.
How it helps. These features prevent misuse of data because employees know that their actions can be tracked. In addition, it makes it easier to facilitate compliance with regulations designed to avoid data breaches.
What it does. Intermedia’s HostPilot control panel provides a single source of management across 30 business IT apps. This centralized control over your Office in the Cloud offers a number of key security features.
How it helps. HostPilot helps you prevent data theft by offering remote wipe of devices. It also reduces the risk of poor password practices by letting you set policies regarding password length and complexity for Intermedia services.
What it does. Intermedia’s HostPilot control panel gives admins control over the mobile devices that are used to access Intermedia services.
How it helps.
What we offer. Intermedia offers a number of critical security tools, including email security, email encryption, Single Sign-On (SSO) and more.
How it helps.
What it does. Email Archiving captures every email a user sends and receives and stores it in a tamper-proof archive.
How it helps. Email Archiving is “tamper proof,” which means that emails containing critical company data cannot be intentionally or accidentally deleted by either employees or IT administrators. Email Archiving also helps companies easily find and restore information, simplify eDiscovery in the event of litigation, and facilitate compliance with industry rules and regulations.
Follow @intermedia_net or discuss your experience using the hashtag #ITConfidence.
SHARE THIS REPORT
About Intermedia
Intermedia’s Office in the Cloud offers a suite of cloud business applications that are fully integrated, secure and mobile. Our services include business email, voice, file backup and sharing, single sign-on, security, mobility, archiving and more. They’re all managed through our central HostPilot® control panel and backed by a Worry-Free Experience™ that includes a 99.999% uptime service level agreement and award-winning 24/7 support as certified externally by TSIA and J.D. Power.
Learn more about Intermedia
About the Index
The Index is the average of four IT confidence scores: General IT Services, Security, Infrastructure and Skilled IT Workforce. Each of these confidence scores was calculated using a question scale, which asks respondents to rate their level of confidence on a scale of zero to 10, whereas zero represents “not confident at all” and 10 represents “extremely confident”. Respondents are then grouped based on their scores: Confident (score 7-10), Neutral (4-6 and “don’t know”), and Unconfident (0-3).
Survey methodology
This study was commissioned by Intermedia and delivered by Precision Sample, an independent market research organization. Precision Sample has an active proprietary panel of over 3.5M respondents that is routinely validated with a stringent screening process including Verity® and RelevantID® by Imperium®. Results derived from a 12-minute online survey instrument with 38 total questions, fielded August 17-19, 2016. Setup questions were used to ensure that only IT professionals who have primary decision making authority for purchase or influence over IT purchasing decisions were in the sample. Overall margin of error of +/- 4.36% at a 90% confidence interval.
HostPilot, Intermedia AppID, AppID Enterprise, Office in the Cloud, SecuriSync, and Worry-Free Experience are either registered trademarks or trademarks of Intermedia.net, Inc. in the United States and/or other countries. Imperium, RelevantID, and Verity are either registered trademarks or trademarks of Imperium LLC in the United States and/or other countries.