JumpCloud announced the findings of its Halloween 2021 IT Admin survey. For IT teams tasked with managing user devices, identities, and access to all IT resources, the past year presented a number of challenges. The survey underscores that the scope of IT responsibilities continues to expand across discrete functions, and security threats are a source of nearly constant, evolving concern. 

The survey asked 509 U.S.-based and 503 U.K.-based IT professionals about their biggest fears and their scariest IT experiences over the past year. 

Key findings

• Security is the biggest concern for IT admins: For all respondents, a security breach, hacker attack, and ransomware ranked as the scariest scenarios.
  

• U.S. respondents rank security threats as top three concerns: U.S. respondents ranked their biggest concerns from scariest to benign:

            1 - security breach

            2 - hacker attack

            3 - ransomware attack

            4 - cloud service outage

            5 - ISP or CDN outage

            6 - a down server

            7 - the boss's PC or Mac going down

            8 - their own PC or Mac going down

            9 - a lost mobile device

• U.K. respondents most concerned about ransomware: U.K. respondents ranked their biggest concerns from scariest to benign:

1 - ransomware attack

2 - hacker attack

3 - security breach

4 - cloud service outage

5 - a down server

6 - ISP or CDN outage

7 - their own PC or Mac going down

8 - a lost mobile device

9 - the boss's PC or Mac going down

• No shortage of security threats: When asked what specific security concerns are top of mind, all respondents named software vulnerability exploits (37%), ransomware (35%), use of unsecured networks (33%), and use of the same password across different applications (30%).
  

• Threat perceptions differ across geography: In the U.S., software vulnerability exploits ranked as the biggest security concern (40%), followed by use of unsecured networks (36%), ransomware (31%), and spear phishing of privileged credentials (26%). For U.K. respondents, ransomware was the biggest concern (40%), followed by use of the same password across different applications (34%), software vulnerability exploits (34%), and spear phishing of privileged credentials (30%). 
  

Scariest experiences of 2021 centered on security

• Hacking is the most common scariest experience: When asked about the scariest experiences of 2021, security issues ranked number one, nearly 24% of companies reported being hacked or dealing with hacking attempts. 
  

• Ransomware attacks experienced by nearly 1 in 12 companies: 8% of respondents report that ransomware attacks target company data. 
  

• Connectivity introduces complexity: 16% of IT admins were most frightened by connectivity issues with servers, networks, or third-party systems.
  

• Remote work can be terrifying: Managing remote work was scariest for 14%, and managing devices or hardware was for 8% of respondents.
  

• But the presence of actual spirits is rare: Only one respondent cited their scariest experience as the sensation of being watched and frigid pockets of air in certain places in the office at night.
  

"It's truly scary how much pressure is on IT admins to secure remote work without impacting the end-user experience," said Cate Lochead, chief marketing officer, JumpCloud. "No one is safe as even the smallest organizations are reporting being targeted by malevolent forces. As the new workplace model continues to evolve, ensuring teams can escape their IT nightmare by arming them with the tools to keep company resources safe and employees functional is essential."

In their own words, IT admins share their scariest stories

Ransomware, hackers, and phishing presented the biggest and costliest problems:

• "Being hacked because one of the employees clicked on a bad link and lost £500,000."
• "My scariest was a security breach a couple of weeks ago. We all had to reset passwords across many platforms as Facebook, Twitch, and other websites were invaded from privacy."
• "Ransomware on the (company) president's machine."
  

Password maintenance and credential loss was a major complication:

• "I couldn't remember the password to unlock the vault."
• "An employee lost their laptop on a train. It wasn't password-protected."
• "We had a lost device with critical company data. It was a member of the IT team, and although it turned out that she had just misplaced it, the period before she found it was very hectic and nerve-wracking."
  

And remote work, which involves devices, user access, identity management, systems, networks, applications, and more was a significant source of stress:

• "Enabling all 1,776 employees to work remotely within a 10-day window."
• "Working from home users."
• "Managing a WFH team."
• "The closing of the office and having to support thousands of remote users."
• "Not having enough hybrid work security."
• "An internal server went down which caused everyone at home having to come into the office to connect to the Wi-Fi to enable their connections to be restarted."
• "Not having the technology in place to provide remote working for the majority of employees."
  

The scarcity of IT talent was horrifying for a few:

• "Losing two of my best technologists in the same month and I still haven't found proper replacements."
• "Not having enough employees to manage the workload."