REPORT: Factors Driving Widening Cloud, End-user Device, and IoT Visibility Gaps

In a previous blog post, I highlighted how several factors — including remote workers and growing device diversity — are driving increased IT complexity for most organizations. Unsurprisingly, all of that complexity means major visibility issues for IT and security teams. 

In fact, according to recent research:

• 79% of organizations report a widening visibility gap within their cloud infrastructure
• 75% lack the visibility they want into their end-user devices
• 75% lack visibility into IoT devices

So, what’s driving these ever-growing visibility issues? Axonius partnered with Enterprise Strategy Group to find out.

For the second year in a row, we surveyed more than 500 IT and security professionals across the globe to get a better understanding of how the pandemic-induced shift to remote work drove IT complexity and visibility challenges, reshaping security priorities for the future.

“The trend is pretty clear that more than three-quarters of the respondents say they can't quickly and easily see what they want to, on all of these different asset types. There's a bunch of challenges that they need to overcome,” our CMO Nathan Burke said.

“We saw the same thing last year – despite macro trends like work-from-home. A very high percentage of organizations, regardless of the device type, said, ‘I want to be able to quickly and easily see more than I can right now,’” Nathan added. 

Case in point: last year’s survey revealed 69% organizations reported cloud visibility gaps, 73% reported end-user device visibility gap, and 77% reported IoT device visibility gap.

Cloud Visibility Remains a Challenge

With over half of IT infrastructure (53%) already residing in the cloud and digital transformation initiatives continuing to accelerate, public cloud has become a cornerstone of IT operations. 

In fact, a majority of organizations are now embracing multicloud.

“When you talk to people about moving to the cloud, you think about going to Amazon or Google or whoever. You don't think about when you’re running PowerPoint and clicking autosave, it's saving to Azure,” Nathan said. “Almost everyone is in a multicloud environment — even if that's just running Teams or Zoom — whether they think about it or not.”

But this trend has also spread data across a wide variety of infrastructure, multiple cloud service providers, and different SaaS applications. This doesn’t just drive increased complexity, but results in more visibility challenges.

In fact, 50% of our survey respondents reported visibility and management challenges associated with data sprawl.

Other top challenges driving cloud visibility issues include:

• 42% of respondents said the number of different cloud use cases make proper policy enforcement more complex
• 41% cited difficulty identifying workload configurations that are out of compliance with industry best practices and regulatory frameworks
• 41% cited lack of familiarity with cloud infrastructure providers’ tools 

End-user Device Visibility Gap is on the Rise

The sudden pandemic-induced shift to remote work meant employees had to depend on personal devices to get work done. This resulted in an influx of non-corporate devices accessing corporate data and applications. They operated directly from endpoint to cloud workload, bypassing corporate infrastructure and creating blind spots for most organizations.

“In 2020, we had a lot of people saying, ‘We will never allow anyone to access any corporate information or mission-critical information from home’ ... but BYOD policies have changed dramatically,” Nathan said.

Pre-pandemic, almost half of organizations surveyed (49%) prohibited the use of personal devices for corporate activities. Post-pandemic, this number fell to 29%, adding new end-user device visibility woes for IT and security teams.

IoT is Happening but Most Lack Visibility

While many IoT projects were furloughed as a result of the pandemic, they didn’t go away. Our research shows a 16 percentage-point decline in organizations with active IoT projects (55% a year ago compared to 39% today).

But with only 34% of organizations saying they have a strong strategy for maintaining IoT device visibility, gaining complete IoT visibility remains a challenge for most organizations.

Adding to their challenges, 62% reported facing challenges with the variety of IoT devices in use, making it difficult to know what agents should be installed and configurations should be in place.

“It makes a lot of sense why a majority of organizations are reporting visibility challenges with IoT devices. We’re not talking about Windows devices on a physical network anymore, we're talking about anything that can have a sensor,” Nathan said.

Other top reasons driving reduced IoT visibility include:

• 47% cited the rate of growth in devices is too much to keep up with 
• 44% said the tools used don’t support many of the connected devices in use 
• 38% said audit and asset management tasks are too manual. 

“The tools that we buy to manage and secure our traditional devices aren’t always meant for supporting IoT devices,” Nathan said. “Plus, when you are adding to the fact that you have so many of these IoT devices that are changing so often and have a short lifespan, that becomes a huge challenge.”

Download “Cybersecurity Asset Management Trends 2021: How the Rapid Shift to Remote Work Impacted IT Complexity and Post-pandemic Security Priorities” report to take a deep dive into how the pandemic drove IT complexity and visibility challenges, and reshaped security priorities.