Security risks replace remote/hybrid work as top SME IT concern


JumpCloud has announced the findings from its Q2 2022 SME IT Trends Report, ‘IT Evolution: How IT Is Securing the Next Stage of Small and Medium-Sized (SME) Workplace Models’. The report provides updated survey results and new findings to its biannual SME IT Trends Report first released in June 2021.

Now two years into the transition to hybrid-remote workplaces, IT teams report that employees are becoming better partners in securing company data and their organisations are investing in IT.

JumpCloud commissioned this biannual survey of SME IT admins to gain unique insights into the day-to-day experiences of IT professionals who ably power and secure operations without enterprise-level budget and staff. The most recent survey results highlight that while IT teams are successfully managing hybrid-remote work, they are still burdened with a glut of tools despite a strong preference for more centralized IT management. 43.7% of employees now require six or more tools  just to get their job done, but 74.6% of respondents preferred a single tool.

External events like the war in Ukraine and uncertainty in financial markets introduce more complexity, adding another layer of operational concern for SME IT teams. Despite these challenges, SME IT admins remain dedicated to their jobs and responsibilities even while feeling overwhelmed by them.

“From complicated tech stacks to the downstream impact of global events, IT admins are working to secure and simplify workflows in less-than-ideal circumstances,” said Rajat Bhargava, co-founder and CEO, JumpCloud. “As IT teams sound the alarm about increased threats, SMEs should acknowledge these professionals are needlessly juggling a sprawling tech stack that isn’t efficient or cost-effective and that introduces unnecessary risk. While SMEs look to invest more heavily in IT infrastructure, a platform approach can improve employee experience and productivity, and provide safe access to critical applications and data – all for a lower TCO than bespoke point solutions.”

Key findings include:

Business outlook:

  • Nearly half of workers are back in the office. 47.1% of workers are in the office full time in 2022 versus 40.1% in 2021. Remote workers are 24.8% today versus 22.6% in 2021, and hybrid workers are down to 32.5% compared to 42.5% a year ago.
  • World economic issues are impacting business. 61.4% report that supply chain disruptions or product shortages have hurt their business (30.5% significantly, and 2.8% disastrously). 57.6% say labor shortages have been an issue for their business (26.3% significantly, and 5.1% say it’s been a serious business limiter).
  • Labor shortages impact the US more than the UK. 37.1% of US respondents report that labor shortages have been significant or a serious business limiter versus 25% in the UK reporting the same.
  • War in Ukraine is also impacting business. 40.5% of all respondents say the war in Ukraine has impacted their organisation. 58.6% agree that the war in Ukraine has increased their organisation's focus on security. In the US, 64.4% agree the war has increased their organization's focus on security versus 52.7% in the UK.


  • Security is the biggest challenge in 2022. 59.4% said security was their number one challenge, followed by device management (48.1%) and migrating all workers to fully or partially remote (47.8%).
  • Majority of organisations require the use of biometrics for employee authentication. 55.9% currently require biometrics now. In 2021, only 22.3% of admins reported that biometrics had been implemented.
  • Balancing security and user experience is a growing challenge. 66.1% agree that adding security measures generally means a more cumbersome user experience, an increase from 58.1% who said the same in 2021.
  • Outside threats loom large. The three biggest security concerns are network attacks (39.7%), ransomware (30.9%), and software vulnerability exploits (30.6%). In 2021, the three top were software vulnerability exploits (39.4%), use of the same password across applications (39.4%), and use of unsecured networks (37.9%). 
  • Patch management is seen as successful. 78% are confident that their organization's patch management strategy is sufficient to protect against known vulnerabilities. In terms of patch timing, 60.1% are patching within seven days and over one-third (35.8%) deploy patches ASAP. 
  • Patch management is intentional. Nearly half (47.1%) use a security staff member dedicated to identifying vulnerabilities and performing fixes, as well as managing the execution, mitigation, and remediation of patches. 46.7% follow patch schedules according to vendors' patch release dates.
  • Many leave responsibility to users. 39.4% said patch management is the user's responsibility to update when prompted.
  • Single sign-on (SSO) is picking up steam. In terms of SSO adoption, 33.9% use it across their entire organization, 35.6% use it for a limited number of apps or devices, 17.95% use it for collaboration tools, and 12.5% haven't deployed it. In 2021, only 20.4% of IT admins had already implemented SSO.
  • Organizational interest in passwordless is strong. When asked if passwordless authentication is a priority for their company, 62.6% agreed versus 17% who disagreed.
  • But IT admins aren’t entirely sold on the importance of passwordless. 52.6% agree that passwordless authentication is more of an industry buzzword than it is an IT priority. Only 23.6% disagreed.
  • Biometrics are seen as secure but difficult to implement. When ranking the most secure step for multi-factor authentication (MFA), the top answer was biometrics (34.2%) but it’s also seen as the hardest to implement (37.6%).
  • One-time passwords (OTP) will likely stick around. When ranked, OTPs are seen as easiest for users (35.5%), the second most secure (29.7%), and easiest to deploy (37.6%).
  • IT admins personally use biometrics. Personally, 74.5% use biometrics to secure their devices through a variety of methods: fingerprint (52.9%), face recognition (31.7%), voice recognition (10.1%), and liveness detection (4.9%).

IT management:

  • Migrating workers to remote or hybrid work continues to be a challenge. 47.8% report it’s one of the biggest challenges for their IT team over the last year, versus 41.6% reporting the same in 2021. 
  • IT admins are a little happier and not as overwhelmed. 60.4% report being happier in their job than a year ago versus 56.5% reporting the same in 2021. 59.4% in 2022 are somewhat or very overwhelmed versus 66.9% in 2021. 
  • Device breakdown continues to be heterogeneous, and a little heavier on Windows. The combination in 2022 is 68.1% Windows, 20.2% macOS, and 16.9% Linux, compared to 58.2% Windows, 24.6% macOS, and 20.6% Linux in April of 2021.
  • Recession and inflation concerns loom. 26.2% report they are actively doing recession planning, while 57.4% are either considering recession planning or think it’s a good idea. Only 5.1% say inflation worries them “not at all,” and 70.4% report some concern (31.2% consider it a big worry, and 8.1% consider it an existential threat).
  • Tool creep is a risk. The majority of teams (42.7%) use two to three tools to manage the employee lifecycle and 38.2% of teams use three or more tools.

Life of IT admin:

  • Remote work is easier to manage. 50.7% agree that it’s as easy to manage remote/hybrid workforces as fully in-person workforces. In 2021, 55.8% of admins said that ongoing management of remote workers was the biggest challenge for their IT teams. 
  • Centrally managed IT tool is highly desirable. 74.6% agree they would prefer to use a single solution/tool to do their job over managing a number of different solutions, an increase from 69.7% in 2021 (Dec).
  • IT teams use a number of tools to do their job. 41.1% of IT admins estimate employees need three to five tools to do their job.

Managed Service Providers (MSPs):

  • MSPs on the rise. 87.5% say they currently use an MSP or are considering one, up from 84% a year ago. Most use MSPs to support their internal IT team (37.9%), though almost one-third (27.1%) use one to completely manage the IT program. 
  • Knowledge, cost, and user experience are seen as key MSP benefits. The top three reasons IT teams turn to MSPs are that MSPs are up to date on the latest technologies (61.2%), they can provide a better user experience (52.5%), and they are cost-effective (52.4%).
  • MSPs used for a variety of functions. Admins reporting the program most commonly managed by MSPs are cloud storage (51.1%), system security (48.4%), system management (47.9%), and system monitoring (42.9%).
  • MSPs are seen as valuable. 69.8% say their use of MSP has resulted in better security, 52.8% report a better employee experience, 37.4% say it has made their IT jobs easier, and 32.5% say it makes them more effective at managing IT.
  • IT control is the biggest barrier to MSP implementation. For those who don't use MSPs, the top reasons are that they prefer to handle IT themselves (55.5%), that MSPs offer more than they need (32.7%), MSPs are too expensive (29%), or they are too small to be a client even if they wanted to work with an MSP (9.7%).
  • MSP security a significant concern. Over one-third of respondents (37.2%) have concerns about how their MSPs manage security.
  • US admins rely more heavily on MSPs than UK. In the US, 34.2% say an MSP completely manages their IT program, including technology, process, and support versus 20% in the UK. 9.3% of US admins have no plans to work with MSPs versus 15.6% in the UK. Despite higher MSP usage rates, more US admins (41.5%) report concerns about MSP safety than UK admins (34.3%).

Geographical differences:

  • The UK is unhappier in their job and sees more challenges. 15.2% of UK admins disagreed that they were happier in their job versus 9.7% of US counterparts. More UK respondents also disagreed that it is as easy to manage remote/hybrid workforces as fully as in-person (33.1%) versus 24.1% in the US. UK admins also had more budget decreases (7.05% versus 2.4% in the US).
  • Roadblocks for consolidating IT products were the same on both sides of the pond. The top three reasons for not consolidating were that no single product out there that will meet all needs (35.7% in US, 46.9% in UK), not wanting to be dependent on a single product (32.5% in US, 36.9% in UK), and too much existing infrastructure (31% in US, 37.7% in UK).
  • US admins are more skeptical of passwordless than UK counterparts. In the US, 57.3% say passwordless is more of an industry buzzword than an IT priority versus 47.7% in the UK.
  • The US requires its employees to use more tools. 48% of US admins estimate employees need six or more tools to do their job versus 39.3% in the UK who need the same.
  • UK admins leave less security management up to users. In terms of enabling employee access to resources, 17.8% in the US say all accounts are unmanaged and security requirements like MFA are encouraged but not mandated versus only 9% in the UK.

Survey Methodology

JumpCloud surveyed 1,007 US and UK IT decision-makers across a variety of industries. The survey was conducted via Propeller Insights, Apr. 14, 2022 to Apr. 20, 2022.

Add a Comment

No messages on this article yet

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter