IT teams face growing complexities and constant security threats.
Intermedia’s 2016 IT Confidence Index surveyed 350 IT
professionals about their biggest challenges across four key
categories: Security, General IT Services, Infrastructure and Skilled
The results reveal their biggest obstacles and worries. And some
will surprise you.
SHARE THIS REPORT
What do IT decision makers really think?
Intermedia’s 2016 IT Confidence Index surveyed 350 US-based IT decision makers (ITDMs) to
understand the state of IT and pinpoint the biggest challenges they currently face. The Index
asked respondents to rate their level of confidence on a scale of 0 to 10, where zero represents
“not confident at all” and 10 represents “extremely confident.” Respondents were grouped
based on their scores:
The overall IT Confidence Score generated from the study was a 7.2 out of 10. And when asked about their team’s ability to protect their organization from various IT risks, IT scored their confidence level at a 6.7 out of 10.
For our inaugural Index, we wanted to statistically measure the biggest concerns IT decision
makers face across their job functions. This data clearly reveals how concerned IT teams are
about their ability to effectively protect their organizations. I believe as cloud adoption
increases, confidence will also increase, and it will be interesting to see if that theory bears out in
Jonathan Levine CTO, Intermedia
The following are some of the key findings (the full report is available for download below).
IT decision makers lack confidence due to:
We consider scores below a 7.0 extremely worrisome, representing a
vote of no confidence (a “neutral” or “I don’t know” is not
confidence-instilling). Imagine if you were boarding an airplane and you
asked the pilot how confident he or she was in the plane’s
airworthiness. If the pilot responded, “Oh, I’d give it about a 7.0,” would
you get on that flight?
Given the maturity of information technology, ongoing innovation, the
amount of money companies spend on IT, and the mission-critical role
technology plays in every type of business today, an overall confidence
score of 7.2 in our view indicates a low level of confidence. It should
raise serious concerns among company leaders, employees and IT
teams who are, at best, no getting the most out of their IT systems and
at worst are potentially exposed to unnecessary risks.
The relatively low score should also stir fear in the IT vendors and
service providers selling information systems to these organizations. On
one hand, it may indicate that their offerings are not living up to their
promises or that growing complexity is making it difficult for IT teams to
manage their various systems effectively. On the other hand, it
represents an opportunity for vendors and service providers who are
well-positioned to alleviate IT pros’ concerns and raise their confidence.
Scores of 4.0 or below indicate imminent IT problems that require
immediate response. In general, we’d expect to see very few scores dip
that low except in rare circumstances.
Cyber threats shake IT confidence
When asked about their organizations’ ability to prevent,
withstand or stop various IT security risks, IT pros gave a
Confidence Score of 6.7 – crossing below the minimum
confidence threshold. This means that IT pros lack
confidence in their ability to protect organizations from the
constant barrage of threats they face. Ransomware,
botnets and DDoS attacks are among IT pros’ biggest
concerns, but security threats as a whole serve as a
And IT pros at smaller companies expressed significantly greater uncertainty about their ability
to protect their organization than those at larger ones. This, of course, makes sense because
smaller companies tend to have smaller IT budgets and teams. These smaller companies make
up a large portion of our economy, yet are typically softer targets for breaches that can cause
wider scale problems.
Confidence levels in the ability to prevent, withstand or stop various IT security risks, by
company size and threat:
But do these concerns correlate to occurrences of security instances within the workplace? 15%
of IT professionals indicated that a “significant” security breach occurred within their
organization within the past 12 months. Approximately one-fifth reported a security
compromise at their company due to a phishing attack.
Each one of these breaches comes with a cost to the company, but the impact can go well
beyond the company itself – extending to partners and even consumers. Yet, despite years of
rising threats and tech innovation, IT teams still lack confidence in their ability to combat today’s
evolving security threats, which means businesses are likely at greater risk than they might
As this Index signifies, companies are feeling the fallout of phishing and malware, which can lead
to data loss and ransomware attacks (causing businesses to be taken offline for days unless they
decide to cough up the ransom.) These continually growing threats have shaken the confidence of
IT as they work to keep their organizations’ protected. Education is the first step to combatting
cyber threats. Equally important, however, is putting the tools in place to protect company data,
including having access to clean versions of infected files in the event of a ransomware attack so
businesses can remain up and running as usual.
Richard Walters SVP of Security Products, Intermedia
Security is not purely about technology: user education is also key. Unfortunately, employee
education remains subpar, creating even more vulnerabilities across companies.
To better equip employees from falling victim to cyber-attacks, many companies do offer
interactive IT security training. It’s the smaller companies, again, that are falling behind.
While the larger companies are doing better at conducting recurring trainings, every 6 months is
inadequate. Security training needs to be a frequent practice. Every few months, we send a
reminder email tied to timely events – for example, talking about the risks of password reuse
when a big data breach is in the news. We also do our Hacktober event throughout the month of
October where we simulate security incidents to help employees detect and prevent cyber-attacks
in a fun and interactive way. What we’ve found over the years is that the percentage of
employees falling victim goes down dramatically with each internal attempt. In addition to
educating our employees, these hacks provide valuable and meaningful insight into changes and
updates that are necessary in our security practices.
Ryan Barrett VP of Security and Privacy, Intermedia
Offering frequent interactive training might be an achievable goal for larger companies, but we
know this could present a challenge to smaller organizations. We see this as a prime
opportunity for these smaller companies to engage with outside IT consultants/vendors who
offer comprehensive security training programs as part of their professional services portfolio.
Providing cybersecurity training is a fantastic opportunity for partners to deliver an additional
value-add to their customers. MSPs should consider partnering with one of the leading phishing
services companies to offer interactive security trainings as a service to their customers. It’s
something MSPs should be advising their customers on just as anything else.
Eric Martorano SVP of Worldwide Sales, Intermedia
More cloud-based applications, more confidence
The ability of IT teams to consistently and reliably deliver general IT services to their
organization received an IT Confidence Score of 8.2. This category received the highest level of
confidence among the areas measured. Despite the challenges IT teams face, this score
indicates IT teams are fairly confident in their own abilities. Still, there’s a stark difference in
confidence between IT teams at smaller companies and IT teams at medium to large companies:
But how do these variances in confidence equate to their cloud usage?
On average, respondents indicated that they are running the majority
(56%) of their IT applications in the cloud, with 37% expecting to use
more cloud-based applications over the next 6 months. As a company's size increased, the overall percentage of their cloud usage did as well.
These smaller companies also had the fewest number of IT
applications running in the cloud (46%), while companies with 500+
employees were running more than two-thirds (69%) of their IT
applications in the cloud.
IT Confidence Index findings confirm that it’s the smaller companies that are struggling the most
with their cloud transition. Fewer than half of the apps SMBs use today are cloud-based.
Simultaneously, SMBs expressed the least amount of confidence in keeping their organizations
secure. This combination presents MSPs with a big opportunity to help serve small- and medium-sized businesses
looking to transition to the cloud, but can’t afford to run IT on their own.
Eric Martorano SVP of Worldwide Sales, Intermedia
Concerns with IT infrastructure spending and security go hand-in-hand
When we asked IT pros if they felt confident that their company was spending enough on
infrastructure (defined as server, storage and network components, but not including software),
they gave the lowest score of all four categories – an IT Confidence Score of 6.5.
This data shows me that ITDMs understand the level of investment that they would have to make in order to adequately run their own infrastructure. Companies with 500 users and below find it difficult to invest in what is needed to create a redundant and reliable infrastructure. That fact could shake the confidence of anyone running on-prem environments.
Jonathan McCormick COO, Intermedia
While ITDMs are not very confident in the amount they are spending on IT Infrastructure, only a
minority are investing more today than they were a year ago:
Compared to a year ago, the majority of IT professionals (59%) said that their company was
investing about the same in IT infrastructure to support the overall current and future needs of
the business, while only 39% said that their company was investing more.
When respondents said their company would be increasing spending, they expected
investments to go primarily toward security applications and systems.
Correlate these IT Infrastructure findings with the lack of expressed confidence in combating
security risks and the potential impact to businesses gets even scarier. IT Infrastructure and
Security are the lowest ranking confidence categories measured. Technology is advancing, as are
the expectations around availability and the need to continually improve security positioning.
Everyone is focused on getting more efficient and trying to do more with less. If ITDMs truly feel like
they are not investing enough in their infrastructure to help guarantee that it remains it remains secure and highly
available, then they should be looking to consume these IT needs as cloud services from larger
service providers that are committed to making these investments on their behalf.
Jonathan McCormick COO, Intermedia
Finding and retaining IT talent is a challenge
IT pros expressed modest confidence in their ability to hire and maintain a skilled IT
workforce—receiving an IT Confidence Score of 7.4 (slightly above the overall 2016 Index
average). Roughly one-third of respondents said they felt more confident now than they did last
Competition for top talent remains fierce. When asked if they felt set up for success with a
skilled workforce, 32% of all respondents agreed with the statement: “My organization gives me
everything I need to be successful.”
IT pros at larger companies expressed greater confidence that their needs were being met:
IT consultants are a welcome help, but they need to adapt faster
According to the report, 64% of survey respondents said that their company uses IT consultants and/or MSPs. This is consistent with CompTIA’s research that indicates 65-75% of IT purchases are influenced by the channel.
IT consultants are trusted advisors, scoring high marks for the assistance they provide:
However, 33% of IT professionals think that IT consultants are too hardware focused, and 24% think that IT consultants don’t put enough emphasis on cloud solutions.
Companies in need of more than just advice are turning to MSPs for help. We have found that a
large number of ITDMs look to IT consultants to assist with moving their businesses to the
cloud. IT consultants should be taking advantage of the strong reputations they have already
built. By building out a managed services practice, IT consultants can create more value for
ITDMs while continuing to be known as the strategic advisor they’ve always been considered. As
the report findings show, ITDMs are looking for cloud experts, specifically in the areas of
ransomware and compliance regulations. Being that trusted advisor and building a cloud
business is a great opportunity for these partners to fill a market need.
Eric Martorano SVP of Worldwide Sales, Intermedia
Get the full 2016 IT Confidence Report from Intermedia
What it does. AppID Enterprise’s patented App Shaping technology enables admins to set policies that determine exactly which pages or elements within any web app users can access or see. For example, you can remove or grey out exporting functionality; hide or redact sensitive data; define access to features based on user role; and restrict access to ANY element within a web app.
How it helps. This technology helps prevent unauthorized access and data breaches by ensuring that only authorized users are allowed to access sensitive data or perform certain tasks within the web app.
AUDIT TRAIL FEATURES
What it does. AppID Enterprise gives you a detailed audit trail of all user interaction with any web app—from login to logout and everything in between, including screenshots. You can configure auditing levels for both individual users and applications as well as groups of users.
How it helps. These features prevent misuse of data because employees know that their actions can be tracked. In addition, it makes it easier to facilitate compliance with regulations designed to avoid data breaches.
What it does. Intermedia’s HostPilot control panel provides a single source of management across 30 business IT apps. This centralized control over your Office in the Cloud offers a number of key security features.
How it helps. HostPilot helps you prevent data theft by offering remote wipe of devices. It also reduces the risk of poor password practices by letting you set policies regarding password length and complexity for Intermedia services.
What we offer. Intermedia offers a number of critical security tools, including email security, email encryption, Single Sign-On (SSO) and more.
How it helps.
Advanced Email Security provides comprehensive, multi-layered protection against malware, targeted attacks and unknown email threats. Advanced anti-phishing and spear phishing protection helps keep companies and users safe from ransomware. Learn more about Advanced Email Security.
Encrypted Email automatically filters and scans your emails to help protect your company against data loss. It also helps you stay in compliance with HIPAA, SOX, GLBA and other regulations. Learn more about Encrypted Email.
Intermedia AppID® centralizes web app access and management through an integrated SSO portal to prevent password leaks by eliminating multiple passwords and promote strong password policies. Learn more about AppID.
What it does. Email Archiving captures every email a user sends and receives and stores it in a tamper-proof archive.
How it helps. Email Archiving is “tamper proof,” which means that emails containing critical company data cannot be intentionally or accidentally deleted by either employees or IT administrators. Email Archiving also helps companies easily find and restore information, simplify eDiscovery in the event of litigation, and facilitate compliance with industry rules and regulations.
Intermedia’s Office in the Cloud offers a suite of cloud business applications that are fully integrated, secure and mobile. Our services include business email, voice, file backup and sharing, single sign-on, security, mobility, archiving and more. They’re all managed through our central HostPilot® control panel and backed by a Worry-Free Experience™ that includes a 99.999% uptime service level agreement and award-winning 24/7 support as certified externally by TSIA and J.D. Power. Learn more about Intermedia
About the Index
The Index is the average of four IT confidence scores: General IT Services, Security, Infrastructure and Skilled IT Workforce. Each of these confidence scores was calculated using a question scale, which asks respondents to rate their level of confidence on a scale of zero to 10, whereas zero represents “not confident at all” and 10 represents “extremely confident”. Respondents are then grouped based on their scores: Confident (score 7-10), Neutral (4-6 and “don’t know”), and Unconfident (0-3).
This study was commissioned by Intermedia and delivered by Precision Sample, an independent market research organization. Precision Sample has an active proprietary panel of over 3.5M respondents that is routinely validated with a stringent screening process including Verity® and RelevantID® by Imperium®. Results derived from a 12-minute online survey instrument with 38 total questions, fielded August 17-19, 2016. Setup questions were used to ensure that only IT professionals who have primary decision making authority for purchase or influence over IT purchasing decisions were in the sample. Overall margin of error of +/- 4.36% at a 90% confidence interval.
HostPilot, Intermedia AppID, AppID Enterprise, Office in the Cloud, SecuriSync, and Worry-Free Experience are either registered trademarks or trademarks of Intermedia.net, Inc. in the United States and/or other countries. Imperium, RelevantID, and Verity are either registered trademarks or trademarks of Imperium LLC in the United States and/or other countries.