Understaffed and Overburdened – IT Professionals Now Spend Five to Eight Hours a Day Managing Security

  • COVID-19 has significantly altered the types of tasks that fill a typical IT rep’s day
  • IT staff spends more time on virtual tasks like team web meetings, remotely accessing employee devices and customer web meetings
  • 47% say they now spend five to eight hours per day solely on IT security matters
  • Fear of a cloud data security breach has increased significantly in the past two years
  • A similar study shows decision makers are trading personnel for cloud security investments

IT professionals are spending extra hours on security as their fellow employees increasingly rely on remote access to the IT infrastructure. In fact, some IT staffers now spend up to eight hours a day on security, a new survey shows.

COVID-19 and new remote work policies have prompted a tectonic shift in the day-to-day work of IT professionals, according to a North American study by LogMeIn, which shows how IT professionals are adapting their roles and teams to meet these challenges.

New times, new challenges

The types of tasks that filled a typical IT rep’s day have changed significantly, according to the report. 67% spend more time on virtual tasks like team web meetings, remotely accessing employee devices (66%) and customer web meetings (52%). Since it became impossible to stop by an employee’s desk to address IT issues, 38% have prioritized remote access software first.

Security-wise, 54% of IT reps claim they are spending more time managing IT security threats and developing new security protocols. 47% say they now spend five to eight hours per day solely on IT security matters. In 2019, only 35% of IT professionals made that claim.

IT staff fears a data breach

As cloud adoption has skyrocketed, fear of a cloud data security breach has soared. 40% of IT professionals expressed this concern in 2018, while 53% cite it as a top security concern now.

Life for IT reps sounds even harder when we consider tight resources. More than a third of IT pros told surveyors that the biggest challenge their company faces in trying to keep up with IT trends is a lack of budget.

“IT training, lack of IT staff, lack of control over a remote workforce, and IT staff resistance to change are all seen as the most common reasons IT teams are struggling to adapt to changes in their field,” according to the report. “With limited budget, IT teams must implement solutions that enable them to do more with less and prioritize implementing tools with security, automation, and monitoring functionality.”

Cloud security as a gap filler

IT professionals in virtually every industry agree that cyber risk has jumped as organizations are forced to facilitate remote access to mission-critical applications and data. A recent CyberEdge study reveals a 114% jump in remote workers and a 59% increase in bring-your-own-device (BYOD) policy adoption due to the pandemic. 73% of enterprises are said to face elevated third-party risks amongst partners and suppliers. The researchers say the situation has “wreaked havoc” among enterprise IT security teams.

The top three challenges named by enterprise IT security teams were an increased volume of threats and security incidents, insufficient remote access / virtual private network (VPN) capacity, and increased risks due to unmanaged devices.

While 53% of IT security teams were already understaffed before the pandemic, 67% of enterprise security teams this year were forced to further cut personnel expenses through hiring freezes, temporary reductions in hours, and temporary furloughs. 17% of IT security teams were forced to lay off personnel, the study showed.

In May, Bitdefender aggregated the opinions of 6700+ infosec professionals across the globe and found deep concern regarding the security implications of remote work amid COVID-19. More than one in three said employees were starting to feel more relaxed about security issues because of their surroundings, while another third said employees were not sticking to protocol, especially in terms of identifying and flagging suspicious activity.

To cope with the rise in security incidents associated with remote-work conditions, IT decision makers are increasingly looking towards cloud security investments.