As your organization grows over time, keeping track of software, equipment, and data gets increasingly difficult. It’s easy to feel overwhelmed by the sheer number of assets to manage — in fact, 73% of SME IT professionals use five or more tools just to manage their employees’ lifecycles and resources. That’s not to mention all the other tools in their IT infrastructure, from servers to employee devices to SaaS licenses. The way your organization manages its many assets can have a dramatic impact on its overall efficiency and productivity.

Importance of Asset Management

IT asset management (ITAM) is a structured, repeatable process for provisioning, maintaining, and disposing of assets in ways that meet the organization’s strategic goals. ITAM solutions promise efficiency and accuracy when keeping track of technologies, hardware, and data in an enterprise context.

ITAM allows the organization to streamline processes that empower IT teams to generate value. It standardizes the incorporation of IT assets into business processes. This reduces risk, improves compliance, and helps the organization run more efficiently.

Define Your ITAM Approach and Standards

Best-in-class ITAM implementations rely on repeatable, standardized processes. Every organization that wants to optimize asset tracking and lifecycle management must first identify standards to hold themselves accountable to. Only then can the organization scope out the specific steps it needs to take to achieve that goal.

It’s important to recognize the objective you wish to achieve through ITAM. For some organizations, it might be demonstrating compliance with the ISO 19770 family of ITAM standards. For others, there may be immediate cybersecurity concerns to address. For some, it may simply be an exercise in reducing waste or planning to scale.

Identifying the standards you want to achieve early on will simplify many downstream decisions. This will help you answer questions like:

• Which IT assets have the highest priority when it comes to obtaining visibility?
• How should ITAM impact the employee onboarding and offboarding process?
• What metrics will you collect to measure the success of your ITAM implementation?
• How does ITAM align to the company’s broader strategic goals?

The sooner you know the answer to these questions, the easier ITAM implementation will be. Keep these in mind when learning how to implement ITAM best practices below.

Implementing ITAM Best Practices

ITAM helps IT leaders understand how hardware and software applications translate to business value. Adhering to ITAM best practices will give you maximum visibility into your IT environment and let you address its inefficiencies more easily.

Thoroughly Identify and Catalog Assets

Building your inventory is the first practical step to hardware and software asset management. There are multiple ways to conduct asset discovery. The way you approach this step will have a major impact on your ability to leverage asset data constructively throughout the process.

Effective Asset Tagging Techniques

There is no need to stick to a single asset tagging technique when conducting asset discovery. Most tracking technologies are designed for specific types of assets. Choosing the right technique can make a significant difference in your ability to track assets efficiently.

Barcodes and QR Codes

Barcodes and QR codes are among the most popular asset tagging technologies in use today. They both offer an easy way to track and manage hardware assets. However, they differ in important ways:

Barcodes

• Barcodes can store 20-25 characters in an accessible format.
• Barcode technology is more than half a century old, making it affordable and easy to implement in a variety of contexts.
• Since barcodes are an older technology, they don’t support advanced features like encryption.
• Barcodes are ideal for tracking small bits of information in large, complex environments — like prices and product SKUs.

QR Codes

• QR codes can store more than 1,500 alphanumeric characters.
• QR codes rely on digital technology that supports encryption, automation, and other advanced features.
• Implementing QR codes is generally more expensive than using bar codes. This is especially true when advanced features are involved.
• QR codes are more resistant to accidental damage.

RFID Tags

RFID tracking is ideal for tracking a large number of items automatically. There is no need for line-of-sight between the scanner and the object being scanned. However, RFID systems can be expensive to install. There are two types of RFID ITAM solutions for hardware asset management:

Passive RFID

• Passive RFID tags don’t require batteries, but they must be scanned manually.
• Passive tags are smaller and more durable than active tags.
• Since they don’t have an internal power source, passive tags can only be read at a close distance to the scanner.

Active RFID

• Active RFID tags have an internal battery. This makes them larger and less durable, but they can scan large numbers of items at once.
• RFID scanners can detect active RFID chips at a much greater distance than passive ones.
• Active tags have read/write ability. This means the data they carry can be modified with each scan.

NFC Tags

NFC technology enables peer-to-peer communication between devices. NFC-enabled devices act as both reader and tag, allowing two devices to share information by simply touching one another. While similar to RFID in many ways, NFC has some unique characteristics:

• NFC tags have much shorter range than RFID, and no support for scanning large numbers of items. 
• NFC tags support two-way communication and up to 4KB of data storage.
• Most modern smartphones have built-in NFC support, making the technology easy to deploy.

Serial Numbers

Serial numbers are easily the oldest technology on this list. Modern organizations can still use them to easily identify and track assets through a centralized database. Anyone can quickly create and manage a serial number database with open source software—but the process can be time-consuming and prone to human error.

• Serial numbers are useful for tracking assets with no additional hardware requirements.
• You must create and maintain a database linking serial numbers to individual assets.
• Manual data entry processes are required for many database operations. Software automation is possible, but hardware scanning is not.

GPS Tracking

GPS technology provides real-time geolocation and time data to devices across the planet. A large number of devices use GPS technology for tracking, navigation, and mapping applications. GPS can also be used for IT asset management purposes, but is generally reserved for high-value items that need constant monitoring.

• GPS tracking uses advanced inventory tags that offer in-depth information about asset location and status in real time.
• GPS technology uses satellites to track assets anywhere in the world.
• Active real-time GPS tracking is precise, but too expensive for most use cases.

Integrated Tagging Solutions

Each of the hardware asset management tools mentioned above serves a particular use case. Your organization can unlock significant value using specific technologies for certain assets. However, you’ll need to use integrated asset management software to keep track of multiple types of asset tagging technologies.

This allows you to categorize assets according to their characteristics. If you have specific rules and policies for critical assets, you can manage them separately from lower-impact assets. This lets you match the appropriate tagging technology to each asset based on real-world business needs.

Tracking Tools and Software

IT asset management isn’t limited to hardware assets. Your ITAM platform should also be able to track and manage software assets. Software licenses and intellectual properties are two examples of non-physical assets that you may wish to manage alongside your company’s hardware.

Some of the tracking technologies mentioned above can also work with non-physical assets. Many organizations use bar codes, QR codes, and serial numbers to track software licenses, documents, and other digital items with business value.

Monitor Asset Lifecycles

ITAM should cover the entirety of the asset lifecycle. Neglecting to monitor every step of that cycle can create blind spots and an incomplete understanding of your IT infrastructure as a whole. Capturing the full value of the ITAM process means monitoring assets as they move through every stage.

However, manually monitoring assets is difficult and time-consuming. The sheer volume of data involved demands an automated solution. Automation helps IT leaders integrate lifecycle management into ITAM solutions, granting visibility into every stage of the cycle. When inefficiencies creep in, the IT team is prepared to address them quickly.

Integrate ITAM with ITSM

IT service management (ITSM) is a structured process for delivering value to the users of IT assets. It provides a standard framework for submitting tickets to the IT team and laying down a repeatable workflow for resolving the ticket. Instead of being limited to support, this process applies to all IT-related requests.

For example, a user may request a new laptop to replace a stolen one. ITSM integration ensures your ITAM solution will recognize that the original laptop was stolen. It also streamlines the process of assigning a new laptop to the user and resolving the ticket with priority.

Ongoing Maintenance and Audits

Your ITAM solution should make it easier for the IT team to conduct proactive maintenance. Instead of relying on a reactive break/fix system, you can analyze patterns and conduct maintenance operations before assets stop working. This reduces downtime and dramatically improves business efficiency.

It also makes planning for IT audits easier. If you have visibility into the durability of your assets, you can make predictions about their performance in audit scenarios. That means less stress and uncertainty when putting systems under strain to demonstrate compliance.

Overcoming ITAM Challenges

Implementing ITAM can be a complex undertaking. The larger and more complex your organization is, the more difficulty you are likely to encounter. However, this also means that larger enterprises have much more to gain by adhering to ITAM best practices successfully.

Common Challenges in ITAM Implementation

Organizations often face issues when implementing ITAM processes and technology in a multi-site format. Most modern organizations no longer operate in a traditional single-site brick-and-mortar format. Adapting ITAM processes to work over large distances can create issues that IT leaders will have to proactively identify and address.

Data Accuracy and Completeness

Challenge: Ensuring the tracking and management of the asset lifecycle through a consolidated platform without inaccuracy or missing coverage.

Solution: IT leaders should stagger their implementations over a longer period of time and bring new departments into the ITAM system on a regular basis. This gives each department time to test their ITAM implementation and address problems before moving onto the next phase.

If there are problems integrating a particular business unit, the IT team can focus on those issues without disrupting other initiatives. The next phase of the implementation should only be pursued when that business unit is properly integrated.

Integration with Existing Systems

Challenge: Integrating ITAM across diverse IT infrastructure while maintaining standard processes.

Solution: Establishing a centralized ITAM solution is vital in diverse infrastructure environments. Having a single, unified interface for control and visibility lets organizations standardize processes across different platforms and environments.

Modern, unified ITAM solutions typically use cloud technology to enable efficient management across environments. Accessing software, hardware, and configuration items through cloud-connected applications makes it much easier to ensure uniform results. Asset tracking processes can be deployed in a standardized way regardless of the physical location of individual assets, or the infrastructure they rely on.

Dynamic IT Environment

Challenge: Enterprise IT environments are constantly changing, making it difficult for ITAM solutions to keep up.

Solution: Automation is key to successfully managing IT asset management in an enterprise environment. The larger an organization is, the more likely it is to undergo significant asset churn on a constant basis. Manual operations are not enough to deliver consistent results with ITAM processes.

Choosing the right asset tracking technology for each asset can enhance automation capabilities. IT leaders should prioritize tracking technologies with automation features for high-value assets. High-turnover assets must be supported by robust policies that ensure inventory management tasks are processed quickly.

Compliance and Licensing

Challenge: Conducting compliance audits gets increasingly difficult as the size and scope of the organization’s IT asset inventory grows.

Solution: Capturing the right performance metrics can radically transform compliance processes. If your ITAM solution already gathers the appropriate data, meeting compliance requirements can be as simple as generating a visual dashboard.

This is why identifying your organization’s IT asset management needs early on is so important. If you focus on these metrics when implementing your ITAM solution, you can reduce the amount of time and effort that goes into demonstrating compliance.

Security

Challenge: Ensuring the security of distributed IT assets without impacting the usability of those assets.

Solution: Visibility is the key to improving security without compromising usability. When your security team can observe and control IT assets through a centralized ITAM solution, addressing threats and vulnerabilities in real time is much easier.

Ideally, your organization would develop stringent access controls along with its ITAM implementation. These controls would specify who has permission to use, modify, and manage IT assets. Automating your response to the most common misconfigurations will save your IT team when investigating security events on assets.

Cost Management

Challenge: Budget limitations can become serious obstacles to ensuring each asset is tracked and managed appropriately.

Solution: IT leaders have to obtain buy-in from executives and board members before embarking on ITAM implementation. This implementation can involve substantial up-front costs, yet it generates significant cost savings over time. If leadership doesn’t believe in the implementation’s benefits, it will be much harder to achieve results.

Many people underestimate the value of ITAM when deployed on an enterprise scale. Consider calculating the opportunity cost of not implementing ITAM, or forfeiting advanced features like automation, and communicate them to leadership when you make your case for an ITAM solution. These costs will only grow as the organization grows, leading to increased need for cost-effective solutions to be in place.

Scalability

Challenge: ITAM implementation can be an ongoing challenge when the organization is growing in size and complexity.

Solution: Growing organizations must regularly revisit their IT asset management strategy to ensure it continues to meet the organization’s needs. This is especially true for enterprises that grow primarily through acquisitions: adding a large influx of new assets can strain the system if it is not properly configured.

Cloud-based ITAM solutions are better-suited to growing organizations that prioritize scalability. However, the solution itself must also be equipped with the appropriate features — like automation — to accommodate growth.

Internal Friction and User Adoption

Challenge: Implementing ITAM means changing employee workflows. There may be pushback against these changes.

Solution: Buy-in is not just for executives and stakeholders. End-user employees should also understand the value of the new technology. This only happens when IT leaders take time to communicate that value to their internal teams. This should happen well before the actual implementation takes place.

Ideally, employees should be involved in the implementation process directly. Encourage their feedback and address their concerns. Provide training and support so they can adapt to changing workflows. Successful communication ensures ITAM solutions avoid becoming a source of insecurity or disruption.

Choosing the Right IT Asset Management Platform

IT asset management provides organizations with comprehensive insight into the software and devices they rely on to generate value. The ability to track and monitor assets in real time can transform productivity and enhance efficiency across the board.

Making the most of your implementation means investing in powerful features like automation, on-demand compliance, and cloud scalability. JumpCloud provides organizations with next-generation IT asset management capabilities with built-in security and frictionless access. Sign up for a free trial to find out more about our product.

You have enough to deal with when it comes to critical day-to-day operations. Onboarding and offboarding employees and contractors, maintaining networks and shared resources, troubleshooting end user technical issues, combatting security threats… the list goes on and on. So long as you have visibility into the issues at hand, and the tools to react and respond to them, there isn’t much that can keep a well-organized team down.

Unless of course, IT is happening in the shadows.

It may sound like a bad horror movie, but shadow IT is a real phenomenon that happens for (mostly) the right reasons; employees seek solutions that help them be more productive, more efficient, and more reliable. The problem is that they seek out these solutions without IT’s oversight and governance. Since modern shadow IT is largely made up of SaaS applications that exist outside of IT’s organizational boundaries, this can lead to operational inefficiencies, bloated costs, and unknown security vulnerabilities.

To help you and your organization get a better handle on the unsanctioned (and sanctioned) use of SaaS applications across your fleet, JumpCloud is announcing the general availability (GA) of JumpCloud SaaS Management. 

This release empowers IT admins to uncover all SaaS applications used on managed devices so you know exactly what is being used and by whom. JumpCloud SaaS Management helps to efficiently manage SaaS sprawl, prevent shadow IT, increase SSO coverage, and reduce SaaS costs, ensuring a secure, compliant, and optimized SaaS usage across your organization.

Why JumpCloud SaaS Management

Organizations today struggle to manage SaaS applications used across different departments. With the ease of adoption for SaaS tools, the number can easily spiral out of control, causing SaaS sprawl and potential security gaps. Unknown or unauthorized SaaS apps, often referred to as shadow IT, can bypass security policies and lead to security risks, compliance violations, and unnecessary spending.

For small to medium-sized enterprises (SMEs) and the managed service providers (MSPs) that serve them, these challenges are even more prominent. Limited resources make it difficult to implement and maintain SaaS management practices. SMEs and MSPs often lack the dedicated IT staff and tools needed to track and manage multiple SaaS applications effectively, leading to data exposure, loss of intellectual property, and difficulty in meeting regulatory requirements. 

While some MSPs use various solutions to manage these risks, such as firewall or router reporting, these methods are less effective with the shift to hybrid and remote work. JumpCloud helps capture SaaS usage information in near real time and share it with clients.

JumpCloud’s SaaS Management solution empowers IT teams to efficiently secure and manage SaaS applications across their organization. Organizations can leverage JumpCloud to simplify SaaS application discovery, prevent shadow IT, increase SSO coverage expansion, and achieve compliance mandates all from a  single, comprehensive, unified platform.

Key Benefits of SaaS Management

Gain Visibility and Control

With JumpCloud’s SaaS discovery and monitoring capabilities, you can achieve the optimal balance between security and productivity for your workforce. 

You have complete visibility into sanctioned and unsanctioned applications, including SSO logins, to help take control of data sprawl across your organization, letting IT admins change the old-fashioned, manual SaaS tracking methods with a precise automated one.

Optimize SaaS Costs

JumpCloud makes it easy for IT admins to detect unauthorized and underutilized SaaS applications. 

Consolidate and track licenses to negotiate better terms, explore usage trends, reallocate resources, and reduce unnecessary expenditures, ensuring that every SaaS application aligns with organizational goals and budget.

Secure SaaS Access & Usage

Ensure a smooth and secure work experience for your employees without interrupting their work. 

IT admins can automatically warn users when they visit an unapproved SaaS domain or block access to those altogether and offer secure alternatives instead. Users can enjoy secure, frictionless access to authorized SaaS tools.

Key Capabilities

Get Started with JumpCloud SaaS Management Today

Existing JumpCloud customers and MSP partners can start using JumpCloud SaaS Management capabilities today at no additional cost, with extended capabilities for Platform Prime.

If you are new to JumpCloud, feel free to sign up for a free trial to experience the benefits of JumpCloud SaaS Management firsthand.

Casting IT Into the Shadows

What you can’t see CAN hurt you when it comes to shadow IT. Learn six key shadow IT risks and how to address them proactively.

Download the eBook

It’s critical for managed service providers (MSPs), like any service provider, to keep their finger on the pulse of their clients. Understanding how they think, make decisions, and approach their relationship with you is key to retaining them and bringing on new business. 

Recently, JumpCloud surveyed over 600 IT professionals working at small- to medium-sized enterprises (SMEs). Among many topics, we asked them about how they approach and work with MSPs. On a positive note, the survey found that 76% of SMEs work with MSPs on some level, and 67% plan to increase their investment over the next six months. However, the survey also found that the percentage of SMEs fully outsourcing their IT to MSPs dropped from 42% in early 2024 to 29% in Q3 2024. 

While this trend displays SMEs’ continued investment in MSPs, it also highlights a shift in how SMEs approach their IT needs. This presents opportunities for MSPs to examine their client relationships and offerings to strengthen their partnerships and adapt to client expectations. In this blog, we will explore the ways that SME relationships with MSPs are changing, and how MSPs can adapt. By focusing on areas like cost management and security, MSPs can position themselves as invaluable allies for SMEs.

Note: all data cited in this blog is sourced from JumpCloud’s eBook, Your Route to Positive Client Interactions, unless otherwise cited. 

Adapting to Cost Pressures

One of the biggest challenges in the future of SME-MSP relationships is managing costs. Three-quarters of SMEs have reported rising costs from their vendors (that includes MSPs and other vendors), which puts additional pressure on them as they struggle to balance budgets with ever-increasing tech needs. 

From an MSP perspective, the rising cost pressure on SMEs is significant: 28% have ended their partnerships with MSPs because of cost. Additionally, cost is one of the most common reasons that SMEs choose not to use MSPs, second only to a preference for handling IT internally. 

39% of SMEs that don’t work with MSPs say it’s because MSPs are too expensive. [Source]

How to Adapt

To strengthen future partnerships, MSPs might consider tweaking their pricing models. Offering a range of service packages that include low-cost, flexible options as well as higher priced offerings can help meet the needs of various SMEs, particularly those feeling the squeeze of rising expenses. Creating flexible, lower-cost options can help you keep clients who might otherwise look elsewhere (or internally).

In addition, consider looking to new technologies as a means for lowering prices. Improved remote support technology, for example, could help you reduce your number of in-person client visits, lowering your operational costs and widening your margins. 

Making Security a Priority

Security is another key factor that will shape the future of SME-MSP relationships. While over half (56%) of SMEs believe their security has improved with an MSP, 39% still worry about whether MSPs can effectively protect them. This uncertainty presents both a challenge and an opportunity for MSPs.

39% of SME IT professionals have concerns about the way MSPs manage security. [Source]

How to Adapt

To be seen as trusted partners, consider making security a core part of your service model. This means being open about security practices and demonstrating to clients how you keep their data safe. Regular security check-ups, training for your clients’ staff, and strong security messaging can also help build confidence. You might also consider adding new security-focused packages or services to your list of offerings.

Addressing security concerns directly and proving your commitment to protecting clients can help you strengthen trust and deepen your relationships with SMEs. As cyber threats continue to evolve, maintaining a clear focus on security will help you stand out from the competition.

Improving Customer Experience

The customer experience will be vital in shaping the future of SME-MSP relationships. Nearly a quarter (23%) of SMEs that have stopped working with MSPs did so due to poor customer service or a bad experience with their account or sales teams. This highlights the need for MSPs to focus on how they interact with clients.

For SMEs that have recently stopped working with MSPs, cost was the most common reason, clocking in at 28%. [Source]

How to Adapt

Investing in training for your customer-facing employees and creating a responsive culture can significantly improve client satisfaction. Prioritize the customer experience and routinely seek feedback from clients to understand what you’re doing well and where you can improve.

In addition, consider encouraging happy customers to leave positive reviews to help build your reputation as a trustworthy company that’s easy to work with. As potential clients increasingly rely on feedback from others, showcasing excellent service will be a powerful way to attract new business.

Conclusion: A Collaborative Future

The future of SME-MSP relationships is filled with potential, and SMEs continue to voice their belief in MSPs’ ability to add value to their organizations. Changing expectations and priorities among SMEs present MSPs with a chance to adapt and grow alongside their clients. By addressing cost concerns, focusing on security, and improving the customer experience, MSPs can outshine the competition and strengthen their role as essential partners for SMEs.

This collaborative future calls for alignment between MSPs and SMEs. By understanding and responding to SMEs’ needs, MSPs can build lasting relationships that support growth and success. As SMEs continue to invest in IT support, those MSPs that embrace these opportunities will thrive in the industry.

To dive deeper into these stats and learn more about how SMEs approach their MSP relationships, download the full eBook, Your Route to Positive Client Interactions.

For managed service providers (MSPs), competition can be stiff, which makes client retention critical. 

Recent findings from JumpCloud’s 2024 SME IT Trends report, however, revealed some indicators of downscaling in small- to medium-sized enterprises’ (SMEs’) MSP contracts: the percentage of SMEs outsourcing their entire IT management has dropped from 42% to 29%. Despite these drops, however, SMEs still seem invested in their MSP relationships: 76% of SMEs use MSPs for some level of IT support, and 67% plan to increase their investment over the next six months. So, how can you leverage SMEs’ continued interest in MSPs, prevent churn, and encourage deeper investments with your SME clients?

This blog will dive into the potential factors driving this downtick in full MSP investment and ideas for retention strategies you can implement to strengthen your client relationships.  

Note: all data cited in this blog is sourced from JumpCloud’s eBook, Your Route to Positive Client Interactions, unless otherwise cited. 

Understanding Churn Drivers

Understanding the factors that are likely contributing to churn and downscaling is the first step to implementing effective retention strategies to reverse the trend. The following are three common churn drivers among SMEs. 

1. Cost and Mismatched Services

One of the leading causes of client churn is cost. With 75% of SMEs reporting rising licensing and subscription fees from their vendors, it’s no wonder that 28% have decided to stop working with MSPs due to affordability concerns.

In addition to cost concerns, many SMEs feel that the services provided by their MSPs are no longer suitable for their evolving needs. For instance, the report reveals that 26% of SMEs believe they have outgrown their MSP’s offerings, 21% find that their MSPs offer more services than they require,and 16% of SMEs expressed that they felt too small to be a priority for their MSP.This mismatch can create frustration and drive customers to look elsewhere for an alternative MSP with offerings that better align with their requirements.

2. The Security Imperative

Security is a significant concern for SMEs, and it plays a critical role in client retention. In fact, 39% of SMEs (both those that use MSPs and those that don’t) express doubts about MSPs’ ability to manage security effectively. This highlights potential for churn for current customers as well as a barrier to entry for SMEs not yet using MSPs. 

Fortunately, more than half (56%) of the SMEs already working with MSPs reported that their MSPs have improved their security posture.This indicates that many MSPs are delivering on their clients’ expectations of security — the problem may lie in their ability to communicate those services and benefits upfront. 

This situation presents a unique opportunity for you to differentiate your services. By making security a cornerstone of your offerings and including your security offerings clearly in your messaging, you can build trust and loyalty among your clients. Additionally, offering security-focused services or add-ons can enhance your value proposition, showing clients that you prioritize their safety.

3. Poor Client Experiences

The client experience is another vital factor in retention. Nearly a quarter (23%) of SMEs have terminated relationships with MSPs due to poor customer service. This statistic highlights the importance of prioritizing every interaction with your clients. Investing in training for your customer-facing staff will empower them to deliver exceptional service and promptly address any concerns.

Nearly a quarter of SMEs have terminated their relationship with MSPs due to poor customer service or a bad experience.

Strategies for Reducing Churn

To effectively combat churn and attract new customers, consider implementing the following strategies:

1. Diversify your service offerings: Develop flexible service packages that cater to various business sizes and requirements. This approach will help address the concerns of SMEs who may feel underserved or overwhelmed.
2. Foster open communication: Regularly check in with your clients to assess their satisfaction and evolving needs. Staying aligned with their expectations is critical to maintaining a positive relationship with them.
3. Implement feedback loops: Actively seek client feedback and respond to it. This will help you identify areas for improvement before they escalate into reasons for termination.
4. Highlight value beyond cost: Clearly communicate the value you provide — not just in services, but also through enhanced security, compliance support, and the peace of mind that comes with having a dedicated IT partner.

Looking Ahead: Building Lasting Partnerships

By understanding the factors that contribute to client churn, you can strengthen your relationships with SMEs as well as build your customer base. Addressing concerns related to cost, service fit, customer experience, and security will be key to differentiating yourself and communicating your value in a way that resonates with your SME customers.

To dive deeper into these stats and other related to SMEs and how they work with MSPs, check out JumpCloud’s free report, Your Route to Positive Client Interactions.

After several notorious ransomware gangs were knocked out by law enforcement in 2023, ransomware attacks are on the rise again and soaring to all-time highs in 2024. Many gangs quickly reorganized and reformed, with leaders launching new platforms and expanding their web of bad actors. 

Ransomware attacks are bigger and bolder than ever this year, but even as attackers focus on new targets, small- and medium-sized enterprises (SMEs) remain under threat. With security breaches and ransom prices surging, it’s critical to stay on top of the latest attack tactics, gangs, and news. Let’s see who’s behind the most damaging ransomware attacks this year, and how you can protect your network, customers, and co-workers. 

Recent Ransomware Attacks In 2024

This year ransomware is on pace to cause over $40 billion in losses for organizations in the U.S. Ransoms, lost productivity, and system outages all factor in the equation. And large-scale breaches involving ransomware are not a phenomenon of 2024 at all. But even worse, people’s lives are increasingly put at risk by malicious attackers. These are some of the most alarming attacks of 2024.

September 2024

NHS London: Qilin ransom gang unleashed an attack that compromised the data of almost 1 million National Heathcare System patients in London hospitals. The attackers published personal information about patients with sensitive medical conditions like cancer and sexually transmitted diseases.

Stillwater Mining Company: In September, Stillwater company officials discovered the personal information of over 7,000 employees had been stolen using RansomHub RaaS (Ransomware as a Service). The attack first happened over the summer, but it took Stillwater months to catch on to the breach.

Kawasaki Motors Europe: RansomHub was also behind a major attack on Kawasaki’s European offices. Kawasaki swiftly shut its servers down to isolate the issue and perform recovery operations. RansomHub claims to have stolen almost 500 GB of data.

August 2024

City of Columbus, OH: Rhysida ransom group stole a massive 3TB of data from the City of Columbus, including sensitive employee records and data. After the city refused to meet Rhysida’s ransom price all the data was dumped onto the dark web.

Sumter County, FL Sheriff: Rhysida hit another government target, breaching the Sheriff’s Office systems and potentially compromising 150,000 citizens. Passports, SSNs, and other data was stolen. Rhysida demanded a payment of 7 bitcoin (worth almost half a million dollars).

Keytronic: Electronics manufacturing firm Keytronics reported losing over $17 million due to a ransomware attack by Black Basta, that disrupted production and office operations at its facilities in the U.S. and Mexico.

July 2024

Disney: NullBulge Group stole 1TB of data from Disney’s internal Slack platform and leaked it online. The breach included unreleased Disney projects, concepts, artwork, and code. The hackers asserted they were acting in the name of “artists’ rights.”

AT&T: Hacker group ShinyHunters stole metadata from all call logs and texts made by AT&T customers over a six-month period in 2022.

Rite Aid Pharmacy: Over 2.2 million patients were compromised by RansomHub attackers that posed as Rite Aid employees to steal their data. RansomHub threatened to leak personal information, ID numbers, and driver’s license information obtained from Rite Aid. 

June 2024

Panera Bread: An attack by an unknown group interrupted service on Panera’s website, app, phone systems, and POS systems. Thousands of employee social security numbers and other personal information was also stolen in a major data breach. Internal sources indicate Panera succumbed to the attackers’ demands, paying an undisclosed ransom.

Pandabuy: Giant Chinese shopping platform Pandabuy paid a ransom to prevent stolen customer data from being leaked — but then the hackers immediately demanded another ransom. The ongoing conflict resulted in 3 million rows of customer data being leaked onto BreachForums.

Cleveland, OH: An unknown hacking group forced Cleveland City Hall to temporarily shut down due to a ransomware attack that debilitated city computer systems.

CDK Global: BlackSuit ransomware caused a major IT outage that wreaked havoc on thousands of car dealerships in North America. CDK struggled to restore services to the dealers effectively or in a timely manner, forcing them to pay the ransom so auto dealers could get back online.

May 2024

Wichita, KS: Several government services were shut down to prevent a malware attack from spreading across its entire network. LockBit was responsible for the attack that disrupted payment systems and brought flight operations to a halt at the Wichita airport.

Ascension Health: An “honest mistake” led to a disruption of clinical operations at one of the largest Catholic health providers in the U.S. Black Basta was behind an attack that launched after an employee mistakenly downloaded a malicious file.

Ohio Lottery: 500,000 people were affected by an attack on the Ohio State Lottery. Hacker group DragonForce took credit, and said they gained access to employee and player data including contact information, birthdates, winnings, and social security numbers.

Ticketmaster: ShinyHunters stole credit card details, contact and personal information from over 550 million Ticketmaster/Live Nation customers. The group put the data up for sale on the dark web, priced at half a million dollars.

Aril 2024

Omni Hotels: Daixin ransomware launched an attack that took down Omni Hotels’ network nationwide and impacted reservations, hotel room locks, and POS systems. Daixin posted screenshots of sensitive stolen data from over 3.5 million Omni guests.

Group Health Cooperative (Wisconsin): A BlackSuit data breach stole personal and medical documents from more than 500,000 patients. Systems were shut down for several hours as internal IT teams worked to contain the attack. 

United Nations Development Programme: UN systems were breached by 8Base, disrupting UN operations in Copenhagen. During the attack 8Base claimed to steal massive amounts of confidential information, including accounting records, contracts, invoices, and other official documents.

UnitedHealth Group: BlackCat ransom group, also known as ALPHV, stole 6TB of sensitive patient data. United Health stated the breach caused more than $800 million in financial damages — in addition to meeting BlackCat’s demands for a $22 million ransom.

March 2024

Duvel Brewery: Beer production was brought to a halt at one of Belgium’s largest breweries after a ransomware attack by Stormous.

Crinetics Pharmaceuticals: Internal IT teams uncovered suspicious activity in an employee account — but by the time they had isolated the threat, LockBit posted that they’d breached Crinetics systems and stolen major amounts of data. LockBit demanded a $4 million ransom.

MarineMax: Rhysida ransomware struck the world’s largest luxury yacht dealer, stealing financial information and company records as well as information from a database of the world’s wealthiest customers. Rhysida put the data up for sale for the price of 15 bitcoin.

February 2024

Lurie Children’s Hospital: The Chicago children’s hospital had to take IT systems offline and was forced to delay care for many of its patients. Rhysida set a price of $3.7 million for 600GB of data that may include as many as 200,000 patients. After Lurie refused to meet the price, the data was leaked online.

California SEIU 1000: A union that represents 100,000 California workers suffered network outages after an attack by LockBit. The ransomware gang stole employee SSNs, financial documents, and salary information.

Trans-Northern Pipelines: The Canadian petroleum pipeline operator was hit by a ALPHV ransomware attack. Trans-Northern said their security teams quickly isolated the incident without major issues, but ALPHV claims to have stolen almost 190GB of company data and documents.

January 2024

Fulton County, GA: A LockBit attack crippled Fulton County government systems for weeks, causing problems for utilities, court, and tax networks. Everything from marriage licenses to police operations were affected, and many offices had to resort back to using paper forms during the outage. LockBit claimed they gained access to “confidential documents” and threatened to leak them.

loanDepot: An unknown group disrupted payment systems that disrupted mortgage payments for millions of loanDepot customers. The hackers also stole the data of over 16 million customers, potentially including bank account information. 

Bucks County, PA: Hackers knocked out 911 terminals inside fire, police, and emergency vehicles in a Pennsylvania county home to 650,000 residents. The National Guard was brought in to assist with emergencies as the county attempted to resolve the issue.

Schneider Energy: Cactus ransomware stole terabytes of company data in a breach. The attack compromised over 2,000 enterprise clients including Walmart, PepsiCo, Hilton, and DuPont. It’s unknown whether ransom demands were met. 

Notable Ransomware Groups

Even after coordinated federal and international crackdowns, ransomware gangs are as powerful as ever. Groups that were previously broken up emerged under new criminal organizations, and newer gangs rose to prominence in some of the highest-profile attacks of the year. These are a few of the most dangerous names in ransomware. 

LockBit is a Russian gang with global reach that roared back with a vengeance in 2024 after suffering a defeat when law enforcement took down its platform. LockBit provides RaaS (Ransomware as a Service) and has been the most deployed ransomware since 2022. Because of LockBit’s popularity, attacks can vary greatly in tactics and techniques.

ALPHV/BlackCat was formed after a gang known as BlackMatter’s servers were taken down by a sting in 2021. ALPHV makes some of the most technically advanced ransomware out there, capable of evading even the top cybersecurity systems. They’re thought to have the most experienced and tech savvy network of affiliates, and attack both Windows and Linux systems. ALPHV is one of the only ransom gangs to use a “triple extortion” technique leveraging stolen data, encryption, and denial of service attacks.

Rhysida is a fast-rising, aggressive ransomware gang responsible for some of the most damaging attacks in 2024. Rhysida’s malware was initially considered to be novice, but it rapidly became more elaborate and difficult to detect. Rhysida has led the offensive against healthcare systems and government offices.

Hunters International, ShinyHunters, 8Base, and BlackSuit are other established ransomware gangs that thrived in 2024. DragonForce and RansomHub are newer names emerging as more formidable threats this year.

Latest Ransomware Trends

Several ransomware trends took hold this year, with attackers focusing on bigger targets and demanding bigger payouts to match. Attacks on infrastructure became more common — attackers went hard after healthcare systems, government offices, and supply chain vendors.

Like everyone else, hackers increasingly deployed AI to help them carry out attacks. AI allows malware to adapt in real time to evade security, or can be used to clone voices, email, or other communications to make phishing seem more legit.

Ransomware as a Service continued to grow in popularity, as ransomware providers made their platforms more accessible to bad actors with fewer technical skills. Ransomware also got more sophisticated across the board, taking advantage of zero-day vulnerabilities more frequently and utilizing remote access tools to improve the effectiveness of attacks.

As always, phishing attacks on individual employees were one of the most effective ways for ransomware gangs to exploit systems. Attackers often breached security through individuals in BYOD situations or on SaaS cloud platforms with fewer safeguards.

With ransomware becoming more accessible and sophisticated, it’s predicted that attacks will only get more frequent — and more disruptive — as we head into 2025.

Ransomware Prevention and Protection

Ransomware can be tough to defend against because it can infiltrate an entire network through just one user. The more you can do to protect your users and network, the better chance you’ll have to successfully fend off bad actors.

Best Practices for Preventing Ransomware

These are some tried-and-true methods to help prevent a ransomware attack and keep your network running securely.

• Use Zero Trust security policies following a “trust nothing, verify everything” principle.

• Secure your network with unique passwords and multi-factor authentication (MFA).

• Keep security patches up to date on all software and services like email, servers, and VPNs.

• Back up data frequently, on multiple different media formats and keep one off-site copy.

• Educate users about device safety and how to recognize the latest phishing scams.

• Utilize AI to fight malware or other malicious threats.

Choosing the Right Security Solutions

The most effective security solutions vary from organization to organization. By taking the time to analyze the specifics around the way your company uses technology, you’ll gain the insights to develop a rock-solid defense strategy.

• Map attack surfaces and be aware of the latest ransomware attack vectors to identify vulnerabilities and determine best defenses.

• Evaluate security risks of SaaS or other third-party platforms your organization is using.

• Evaluate vulnerabilities unique to remote work and BYOD.

• Consider access controls like single sign-on (SSO), conditional access, password management, or passwordless authentication to improve individual user security.

• Unify IT stacks to reduce exploitable security gaps.

Recovery and Response Strategies

No matter how good your defenses are, sometimes ransomware sneaks into your system. By having a response plan ready to go, you can mitigate attacks quickly and stave off major damage.

• Create an incident response plan with standardized protocols for identifying and managing breaches.

• Isolate the infected system to prevent ransomware from spreading.

• Remove ransomware with antivirus and antimalware software, then clean the infected system.

• Restore data from a clean backup source. Refrain from using backups that were made while the system was under attack as they could contain encrypted files that could relaunch the attack.

• Review your security response and make improvements where vulnerabilities are detected.

• Explore insurance coverage against ransomware and other cyberattacks.

If considering a ransom payment, be aware that meeting attackers’ demands usually encourages future attacks.

Secure Identities, Devices, and Access with JumpCloud

JumpCloud brings together a variety of services that bolster your defenses against all sorts of attacks, including ransomware attacks. Whether you leverage JumpCloud to manage your device fleet, end user identities, single sign-on access, or any combination thereof, JumpCloud has the capabilities to help you lock down and protect your organization and minimize your exposure to these types of attacks. 

Learn more about how JumpCloud reduces attack surfaces, makes authentication more reliable and efficient, protects against phishing attacks, and unifies platform and device management across your network.