In its new trends report, “Detours Ahead: How IT Navigates an Evolving World,” JumpCloud, a cloud and device security specialist, found that 88% for small and medium enterprises (SMEs) either use or are planning to use an MSP.
However, 39% of SMEs expressed concerns about how MSPs manage security. The main reasons SMEs stopped working with an MSP were listed as: cost (28%), outgrowing the MSP's service offerings (26%), moving IT to a strictly internal function (24%), or having a bad customer service or sales team experience (23%).
Chase Doelling, principal strategist at JumpCloud, told MSSP Alert that research from the biannual SME IT Trends report will help the company learn about the competition facing its MSP partners, and that differentiating in this environment “is not about success but survival.”
"I think the big takeaway is that while SMEs continue to lean on MSPs for a whole host of reasons, this is the first time we've seen internal teams claw back a little internal control,” Doelling told MSSP Alert. “Fewer SMEs are turning to MSPs to manage their entire IT program, and 40% are worried about how MSPs handle security. They're simply willing to cut bait more readily than they've been before if they don't see value.”
While cost and outgrowing an MSP's offerings are the two top reasons SMEs stop working with an MSP, the plus side is that 70% of SMEs plan to increase MSP investment.
“So, the growth opportunity is within reach for MSPs who can deliver and scale with their clients' needs,” Doelling said. “Flexibility, value, and extraordinary client relations are the key."
Making More Out of the MSP Relationship
While MSPs are seen as delivering better security, productivity and cost-savings, there are also signs that SMEs are starting to expect more from their MSP partners. According to JumpCloud:
- MSPs are a critical tool for SMEs and investment is expected to increase. 76% percent of SMEs rely on an MSP for at least some functions, the same as the 76% who reported so in Q1 2024. Over the next 12 months, 67% of SMEs say they'll increase their MSP investment.
- While MSPs drive cost savings, SMEs report improvements in security and efficiency as the biggest return. When asked about the results of working with an MSP, 56% said MSPs led to better security. Fifty-seven percent said MSPs increased their effectiveness at managing IT, and 37% said they saved money for their organization.
- Not all IT teams are eager to work with MSPs. For the 24% who don't use an MSP, 47% say it's because they prefer to handle IT themselves and 39% say it's because MSPs are too expensive.
The Rise of Shadow IT
One pain point for MSPs is the rise of “shadow IT” and the need for better admin control.
Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. It’s what causes security holes and also creates compliance violations, data loss risk and fragmented, inefficient IT, JumpCloud said. Thus, as cloud applications increase and AI use grows, IT teams want to mitigate risks by identifying and managing unauthorized apps and resources.
JumpCloud’s research revealed:
- A lack of visibility and control is creating substantial concerns. 84% of SMEs are concerned about applications managed outside of IT (i.e., shadow IT), with 35% reporting they're very concerned.
- SMEs are experiencing a steady stream of cyberattacks. 45% of SMEs have been the victim of a cybersecurity attack in the first half of 2024. Of those, 28% experienced two attacks, 17% have experienced three, and 5% suffered three or more. The most common source for cyberattacks was phishing (43%), followed by shadow IT (37%), stolen or lost credentials (33%), and a breach in a partner's organization (30%).
- IT admins are struggling to keep organizations safe. 49% of IT teams say that despite their best efforts, their organization lacks the resources and staffing to secure the organization against cybersecurity threats.
Security Teams' Biggest Fears
JumpCloud reports that security continues to be the number one challenge facing IT teams as cyberattacks increase in both frequency and sophistication. But it's a lack of visibility, control and easy management of employees and their devices that continues to trouble them.
JumpCloud found that:
- Security fears dominate. 60% of SMEs consider security the biggest IT challenge, followed by new service and application rollouts (42%), the cost of solutions necessary to enable remote work (40.8%), and device management (39%). The four biggest security concerns are network attacks (40%), followed by software vulnerability exploits (31%), ransomware (31%), and shadow IT (29%).
- The threat is rising, as are worries about security budget cuts. 50% of IT teams report being more concerned about their organization's security posture than they were six months ago, down slightly from the 56% who said the same in Q1 2024. 71% said any cuts to their security budget would increase organizational risk.
- SMEs still need to securely manage passwords. While the industry pushes for passwordless authentication, 95% of respondents use passwords to secure at least some IT resources.
What’s Keeping IT Admins Up at Night
Greg Keller, JumpCloud co-founder and chief technology officer, said that IT teams are dealing with many obstacles and face uncertainty about economic conditions and upcoming elections.
“There are growing security threats, complex tech stacks and device varieties,” Keller said in a statement. “Despite this and more, IT admins are resilient and resourceful. What’s keeping them up at night is what they can’t see — 84% of IT admins worry about shadow IT.
“To help combat the security holes shadow IT creates, IT needs to deploy tools to help spot rogue apps. This will give IT teams the control and visibility they need to keep organizations safe.”
