The survey, conducted among more than 500 global IT professionals, also highlighted concerns around the prevalence of shadow IT in organisations. Nearly half (48%) of respondents noted that the use or installation of systems, devices, software, applications, and services without explicit IT department approval is on the rise, with only 22% of organisations having strict shadow IT policies in place to manage this threat. This lack of shadow IT visibility amongst ITSM teams may be compounded by the 39% who cited user training and knowledge sharing amongst employees as the greatest challenge of remote working, closely followed by managing IT assets (36%). This suggests that awareness of IT policies and procedures within organisations is something which needs addressing in order to avoid security concerns caused by employees going rogue with unapproved software.
“It is concerning to see that the rise in shadow IT is leaving IT teams in the dark over potential security threats. This puts an organisation’s data and assets at risk from potentially unsecure and unapproved software use or malicious downloads on their systems,”said Rajesh Ganesan, Vice President, ManageEngine. “Alongside ensuring all employees are up to date on the business’ IT policies, during this time of remote working it’s essential to communicate a clear policy on the use of personal devices for business purposes. This will help to ensure any devices that are used are done so securely.”
Looking at how prepared businesses were for their employees to begin working remotely, only a third (33%) of respondents said they were already prepared with mobile-capable devices which employees had been using prior to the pandemic. 42% of IT administrators stated their organisation was not sufficiently equipped with remote support tools and VPN licences before employees began remote working, with 15% feeling they were still under equipped more than three months into global lockdowns.
This lack of planning may correlate to the fifth of respondents who did not have business continuity or disaster recovery plans in place, highlighting the importance of organisations planning for a myriad of different scenarios and equipping employees with the knowledge and tools to continue to work seamlessly and securely from home.
Ganesan added, “Whilst we are now many months into the new reality of remote working, it is clear there is still work to be done to ensure organisations are considering security at the forefront of their business continuity plans. It’s clear the future of ITSM will be, to some degree, remotely executed, and so IT teams should review and test their security protocols and tools with this in mind to ensure that they can plug any gaps.”