Managed.IT - issue56

6 MANAGED.IT 01732 759725 Cyber attacks are SMEs’ greatest fear SMEs in the UK are more concerned about cyber attacks or malware infection than cash flow claims Sophos in its new report Securing Growth . Almost half (45%) of SME decision-makers surveyed for the report cite cyber security as a concern, putting it ahead of staffing issues (40%), regulations (27%) and cashflow (32%) in the list of problems that need addressing. The report highlights the security challenges faced by SMEs at different stages of their growth and development, with younger companies at risk due to their flexibility and pragmatism and older companies vulnerable due to bloat and lack of oversight. For example, almost one third of SMEs that have been trading for more than 16 years did not know what cloud services were used by their company (31%) or what public file sharing applications employees used to share information externally (31%). In companies that had been trading for 1-5 years, these figures were 13% and 9% respectively. Conversely, 59% of the youngest firms allow all employees to connect personal devices to the corporate network, with 44% allowing all contractors and third parties to connect to their network. In businesses that have been operating for 16 years or more, the respective figures are 33% and 6%. Based on these findings, Sophos offers the following advice for IT security professionals: n Check that you have a full inventory of all devices connected to your network and that any security software you use on them is up to date; n Install the latest security updates on all devices and servers on your network as soon as they are released; n Give different data access rights to different employees; n Keep regular backups of your most important and current data on an offline storage device to avoid having to pay a ransom if affected by ransomware; n Enable multi-factor authentication on any security dashboards or control panels used internally to prevent attackers disabling security products during an attack. bulletin Digital ceiling preventing businesses from elevating digital transformation Businesses face a ‘digital ceiling’ when it comes to digital transformation, according to new research from Infosys Knowledge Institute (IKI), the research arm of digital services and consulting firm Infosys. The Infosys Digital Radar 2020 report assessed the digital transformation efforts of companies against a Digital Maturity Index and found that while most were achieving year- on-year progress in basic areas, such as digital initiatives to improve a company’s efficiency, they were failing to implement more advanced transformation initiatives to improve customer experiences and engagement or respond more quickly to customer needs. IKI’s analysis shows that while there has been an 18% rise in companies moving from the Watchers to the Explorers tier, the size of the Visionary cluster is largely unchanged. It identifies two qualities businesses need to break through the ‘glass ceiling’ and reach a higher level of maturity: 1 Successful companies focus strongly on people, using digital transformation to make improvements centred on customers and employees. While 68% of the 1,000 companies surveyed stated operational efficiency and increased productivity as their main transformation objectives, companies in the Visionary cluster are particularly motivated to make improvements for their employees. Nearly half of Visionaries describe ‘empowering employees’ as a major business objective for transformation, compared to less than one third of Explorers and less than one fifth of Watchers. Visionaries also have an increased focus on customer-centred initiatives, being significantly more likely than other clusters to undertake transformation to improve customer experiences and engagement and to respond more quickly to customer needs; and 2 Successful companies have a different mindset when it comes to transformation processes. Instead of traditional linear transformations that involve such long timelines that improvements are out of date by the time they are implemented, top performers have a cyclical mindset and prefer to implement recurring rapid feedback loops to accelerate transformation and keep updates relevant. The Visionary cluster is far ahead of others in digital initiatives tied to quick cycles: 75% operate at scale in Agile and DevOps, compared with an average of 34% for the entire survey group. www.infosys.com/navigate- your-next/research/digital- radar-report.html Democratisation of IT brings significant challenges More than half of IT leaders hope to gain better visibility of IT assets (59%) and spending (52%) across their organisation within the next two years, as the rise of infrastructure-as-a-service (IaaS) and democratised IT spending raises the spectre of complex audits, unchecked costs and security vulnerabilities from decentralised IT. In a recent survey for the Snow Software-commissioned report What Decentralised IT Spending Means for the CIO’s Role , 67% of IT leaders said at least half of their spend is now controlled by individual business units thanks to cloud and as-a-service models that enable employees to buy and use technology without IT’s involvement. They warn that the combination of democratised IT and increased cloud usage brings significant challenges: 56% are concerned about hidden cloud costs; and 78% complain that preparation for vendor audits within cloud environments is becoming increasingly complex and time-consuming. Nearly 90% worry about the prospect of being audited by a software vendor – with good reason, as 73% of those surveyed have been audited by at least one software vendor in the past 12 months (60% by Microsoft, 50% by IBM and 49% by SAP). www.snowsoftware.com 1 Innovation,transformationandcontrol WHAT DECENTRALIZED IT SPENDINGMEANS FOR THE CIO’S ROLE Digital transformation ishavingahuge impactonhow businessesacquireanddeploy technology. Inparticular, organizationsaremovingaway from centralized ITbuying to amodelwhere the lineofbusiness (LOB)holds thepower.At the same time, IT ismostoften still responsible fromabudget, securityand complianceperspective. SaaS (Software as a Service) and IaaS (Infrastructure as a Service) are enablingbusinessunits toown technologypurchasedecisions, transforming ITprocurementprocesses and responsibility. DECENTRALIZED IT, ASAN IMPACTOF CLOUDADOPTION, MAYGIVEMORE POWERAND INFLUENCETO LINEOFBUSINESS TEAMS,BUT THEREARECOST, GOVERNANCE ANDSECURITY IMPLICATIONSTHAT THECIONEEDSTO BEAWAREOF.