As we have just announced, the Devolutions State of IT Security in SMBs in 2023-24 survey is now available!
This is the fourth consecutive year that we are asking executives and decision-makers in SMBs worldwide to share their concerns, challenges, tools, policies, and plans regarding:
- Privileged Access Management
- IT Security Awareness
- Remote Access Management
- IT Security Management
To help us make the survey (and the associated report) as relevant and insightful as possible, last month we asked you: What do you want to see in this year’s survey?
As we had hoped, there were many interesting responses! Here is a snapshot of what the community wants to learn in this year’s survey, which we have grouped into four categories: tools, threats, trends, and training (responses with a * were mentioned more than once).
- What percentage of businesses use cloud only and have no on premises solutions?
- If a PAM solution is fully deployed, how much of the company is using it?
- What VPN solution is the best, and what are the reasons? *
- Can ChatGPT help improve security?
- How secure are AI tools, and how do they handle data? *
- How are companies using AI/ML in enterprise IT ops?
- What are the top recommendations for optimal desktop security?
- What are some stats on how remote working is going, and which direction it is going? *
- How are companies handling password rotation?
- How many companies are managing 'guest' users (like in Azure) actively (auditing, removing, etc.)?
- How are various companies handling the "simple" task of password management and requirements for complexity and rotation? How many are adhering to NIST guidelines versus other benchmarks? Are any pushing toward passwordless (e.g., passkey, push auth) solutions?
- What is the biggest cybersecurity concern?
- Now that it is much closer to 50/50 Mac and Windows OS in the workplace, is it true that Macs have always been inherently more secure, or was (as Microsoft claimed) was it more just the sheer number of Windows users made them a bigger target?
- What are most small businesses doing to best invest their limited budgets to improve security?
- Is there a correlation between an office worker’s technical knowledge, and how many hours of their IT teams’ time they waste with unnecessary questions/requests?
- What IT security training are SMBs focusing on?
- What are companies doing on a personal level to prevent security breaches? For example, how much training, how in-depth is the training, and what kind of methods are being used in training, etc.
- Why aren’t more companies going back to simple training? Most users don't even know how to use basic software, so how can they make intelligent security decisions?
Stay Tuned for the Report
We plan on publishing the report in the fall, and we will do our best to address your collective learning goals and topics of interest. In some cases (for example, the request for VPN comparisons) we plan on publishing articles here in the blog in the coming months. You’ve given us a lot of great content ideas to work on!
The Winners Are
Now, let’s announce the two randomly selected poll participants who have each won a $25 Amazon gift card. Congratulations Dennis Robbins and Rick Hensley! Please email me at a email@example.com to claim your prize.
Thank you again to everyone who participated in February’s poll. The March poll is just around the corner!