Congratulations! Your organization has been acquired. 

It’s an exciting milestone, but one that also creates a flurry of questions and uncertainty. That ambiguity can translate down into tactical areas such as what toolset will the IT organization be working with.

Of course, the general approach to most acquisitions is that the smaller organization will be assimilated into the larger one, adopting their culture, policies, solutions, and approaches. While that may be the conventional wisdom and traditional approach to mergers and acquisitions (M&A), the good news is that smart acquirers are realizing that the companies that they are buying often have more progressive approaches to technology.

There is no reason that your organization can’t be one of those that ends up leading change and transformation with the parent. With tens of thousands of organizations leveraging JumpCloud, we have seen a significant number of transactions. We have seen some of the largest organizations in the world purchase nimble, fast moving organizations and then turn around only to leverage their solutions inside of the parent. A top notch technical organization should not immediately believe that their approaches to success won’t be valued or leveraged by the parent.

Communicating Value

To determine whether the parent is open to leveraging the acquisition’s technology, methodologies, and more, you can often analyze why the deal occurred in the first place. While customers and revenue are also often drivers, smart acquirers realize that they have more to gain from an acquisition than just financial benefits. 

Often, larger organizations are interested in another organization’s technology, process, people, and systems. To that end, we see acquirers leveraging their acquisitions as pilots and lighthouse implementations for critical, new, and innovative approaches to their business.

Of course, this doesn’t just happen. 

A parent organization needs to be open to learning and trying new and innovative approaches. The good news is that conversation and thoughtful communication can help make this happen. 

The primary point that we see being successful in keeping innovative infrastructure is by focusing on the benefits. 

Larger organizations are often in need of cultural change or transformation in some way. By connecting what an acquisition is doing as a potential trial implementation to that transformation, a parent organization can learn at low risk and then, if successful, more easily roll out the new approach within the parent organization. 

Employees at the parent can even see the innovation in action, often reducing the anxiety of change. Smart acquirers are hoping to squeeze every last piece of value out of the companies that they buy and learning from their systems, processes, and people is a good way to do that.

Let Us Help

When it comes to IT management tools such as JumpCloud, the opportunity to test and understand cloud innovations is powerful. With JumpCloud, new organizations can enable their employees to take advantage of new IT resources while tightly controlling their environments. 

Also, with a multi-tenant portal interface, parent organizations can easily implement the cloud directory service while also segmenting access controls. For those parent organizations that leverage Active Directory, JumpCloud can integrate with AD to provide the best of both worlds.

JumpCloud’s account management and technical support teams would be happy to meet with you or your parent organization to discuss the best ways to take advantage of this modern cloud identity management platform.

Contact us to start strategizing how your organization can best partner with its acquirer.

Just one weak password can put an entire organization’s network and data at risk.

Even as cybersecurity teams are turning to new advances in authentication methods (like passwordless) every day, passwords are still the way that most of us sign on to our online accounts. That also means password breaches are still one of the easiest ways for bad actors to infiltrate systems.

Whether passwords are personal or professional, users tend to follow the same (bad) habits — and utilize a lot of the same passwords. So, it’s important for organizations to set policies and hold trainings that promote the use of strong passwords and seek safeguards with the use of additional authentication methods.

These are some of the emerging and recurring password trends and statistics so far this year.

Editor’s Picks: Password Statistics

Most users don’t realize how easy it is for attackers to breach a portal through weak passwords—and they don’t consider how much damage a breach causes.

• 70% of weak passwords can be cracked in less than 1 second by hackers using simple brute force attacks.
• Weak passwords are the cause for over 80% of organizational data breaches.
• Up to 30% of data breaches at organizations are caused by individual users sharing passwords, reusing passwords, or falling for phishing scams.
• On average, data breaches cost over $4 million per incident, with larger organizations facing damages that can rocket to tens and hundreds of millions.
• Strong passwords are more effective than most people realize. A complex 12 character password takes 62 trillion times longer to crack than a 6 character password.

JumpCloud Password Manager

JumpCloud’s decentralized architecture eliminates master passwords.

Get the Details

Consumer Password Statistics

In 2024 the password story was the same for a lot of consumers. Overall, people still have the bad habit of using weak passwords and recycling credentials—setting the same passwords across multiple accounts.

But with cyberattacks on the rise, people are starting to become more password savvy and seek new solutions like password generators or password managers.

10 Most Common Weak Passwords

The most common weak passwords have become classics at this point. Strings of sequential numbers, letters, keys, and of course “password” itself top this year’s list yet again.

1. 123456
2. admin
3. 12345678
4. 123456789
5. 1234
6. 12345
7. password
8. 123
9. Aa123456
10. 1234567890

Old favorites like “Qwerty,” “Password123,” and “000000” still rank among the top 25 too.

Average Number of Passwords per Person

Password usage continues to climb steadily in tandem with the use of online accounts.

• In 2020, individuals averaged more than 100 online accounts that required passwords.
• In 2024, the number of passwords grew to almost 170 per individual.
• Most people use an additional 80-90 passwords at work.

Password Reuse Rates

Password reuse rates remain high, which makes it easier for cybercriminals to take advantage of credential stuffing to break into multiple online accounts. Credential stuffing uses automated processes to try passwords and usernames on thousands of different websites.

• Up to 60% of individuals say they reuse passwords across multiple sites.
• 13% of people use the same passwords for all accounts.

Password Hygiene and Security

Security has improved as people get more educated about online crimes and identity theft, but there’s still a long way to go when it comes to protecting accounts.

• The use of multi-factor authentication (MFA) has increased to roughly 50% of individual users.
• It’s estimated 20-30% of people still write their passwords down, making it easier for others to find them.
• About 30% of people regularly change their passwords, which offers more protection if done right. But new studies have shown that password changes often lead users to make weaker passwords which can be counterproductive.
• Users share passwords with each other in 10-20% of their accounts.
• Streaming services have the highest number of password and account shares at 22%. Passwords for online shopping accounts are shared at a rate of 17%.

Business Password Statistics

Since the remote work boom, organizations have made password and account protection a priority. While security standards and improved tools help, weak points persist with employees on an individual level.

Password Management in Organizations

Password policies and management tools tend to be more stringent in larger organizations, then fall off with small- to medium-sized businesses (SMBs).

• 83% of enterprise organizations use multi-factor authentication. 70% have implemented password management tools. However, it’s been found that 52% of users reuse passwords across multiple accounts.
• 60% of SMBs use MFA. 50% deploy password managers. Around 70% have password policies, but policy enforcement enforcement may not be as strict as larger companies.
• Government and academic institutions deploy the highest level of account protections with 95% using MFA, 80% using password management, and 100% authoring strong password policies.

Employee Password Behaviors and Hygiene

Even with password policies in place, it’s difficult for organizations to control the actions of every one of their users. Some employees are simply lax with security, while others bend the rules if they get in the way of getting the job done.

• Surveys suggest about half of all employees reuse the same passwords for work and personal accounts.
• About 25% of co-workers share passwords with each other.
• Password fatigue is a growing problem for workers, with frequent password changes and the number of passwords needed for different accounts leading to the use of weaker passwords overall.

Password Policies in Enterprises

Writing and enforcing password policies is one of the best first lines of defense against hackers. Here are some guidelines for creating an effective password policy for your organization.

• Set a minimum length of 12 characters.
• Require different character types, including upper and lower case letters, numbers, and special characters.
• Prohibit the use of common patterns and simple sequences, like 123456.
• Prohibit the use of personal information, such as birthdays.
• Change passwords every 90 days.
• Keep a history of previous passwords and prohibit password reuse.

In addition to password policies, there are strategies and tools that will increase the effectiveness of security when combined with passwords.

• Use multi-factor authentication, including time-based codes and passwords or biometric authenticators.
• Use single-sign on (SSO) to reduce vulnerabilities to a single point, reduce password fatigue, and enhance the password experience for users.
• Set up self-service reset for users, so that they can reset passwords quickly without waiting for IT.

Pricing Options for Every Organization

Packages and A La Carte Pricing

Explore JumpCloud Pricing

Data Breach Statistics

Data breaches are costly, resulting in damage to networks, lost productivity, fines and litigation, and loss of customers. Both Accenture and the Ponemon Institute estimate the cost of a data breach to average over $4 million.

Password-Related Data Breaches

Password breaches are still the most common way for cybercriminals to gain unauthorized access into networks. Compromised passwords account for more than half of all data breaches.

• Phishing is the culprit behind 70% of password theft, as methods evolve with technology.
• Brute force attacks, where bad actors randomly guess passwords, are effective a surprising 20% of the time.
• Credential stuffing is responsible for about 10% of breaches.
• Up to 30% of data breaches are enabled by internal factors, like sharing passwords, credential recycling, or users falling for phishing scams.

Impact on Personal and Business Data

While statistics vary depending on organizations and individuals, studies indicate improving password policies and management is proven to prevent attacks and data breaches.

• Password management reduces the risk of breaches by 30-50%.
• Enhanced security measures like MFA and SSO reduce the risk of cyberattacks by up to 25%.
• Customer trust increases by up to 20% for companies with a reputation for cybersecurity.

Case Studies and Examples

The average cost of a data breach is around $4 million, but the cost of the biggest breaches soars far above. Many organizations often face repercussions that go beyond finance. 2024 has produced some of the most damaging data breaches on record.

Ticketmaster

Millions of customers had their personal and financial information stolen from Ticketmaster’s database in April and May in what was believed to be a credential stuffing attack. Customers immediately started reporting incidents of identity theft. Cybersecurity was one of a number of problems that the U.S. Department of Justice found in an investigation into the company, and contributed to a lawsuit that the DOJ filed against Ticketmaster and Live Nation.

Dell

A hacker used a brute force attack to gain access to Dell’s network using a backdoor through a Dell reseller’s client portal. The attack leaked customer data and payment information across the web. Dell’s security practices were put under scrutiny by federal regulators as legal issues with customers piled up.

RockYou2024

This wasn’t a single organizational breach, but a massive password leak that’s thought to be the biggest in history. Almost 10 billion passwords compiled from a combination of past and current data breaches were dropped in a text file on an online forum. That volume of passwords from one source creates a huge opportunity for attackers using credential stuffing to carry out successful future attacks.

The Future of Password Security

By now, cybersecurity experts are aware password security has its limits when left in the hands of individuals. New technologies that generate and manage passwords or provide authentication without the need for passwords at all will eventually reduce the reliance on individuals within organizations.

Passwordless Authentication Trends

More and more organizations are adopting tools like push notifications, time-based security codes, hardware tokens, and biometrics as they seek ways to implement passwordless authentication.

If you’re seeking a solution for passwordless authentication, JumpCloud Go™ is a phishing-resistant device-level authentication method that offers the ability to authenticate without a password. JumpCloud Go uses biometric authenticators to reduce password usage and satisfy MFA requirements for SSO apps used on managed macOS, Windows, and Linux devices. JumpCloud Go is part of JumpCloud’s Platform and Platform Prime packages.

You can explore the entirety of JumpCloud’s security features with our guided sims.

Innovations in Cybersecurity

New developments are making logins more secure every day, with improvements in password creation and management, plus new authentication methods.

• Biometric authenticators are gaining popularity with users and organizations. Fingerprint and facial ID logins are the most common.
• Hardware security modules (HSMs) create cryptographic keys and store them in a secure environment. They are being used more frequently in payment processing, digital signatures, and cloud computing situations.
• AI is being used to assess password strength, identify phishing threats, and monitor behavioral biometrics and device usage to detect anomalies and suspicious activity.
• Cloud-based sync is being deployed to centralize password management, improve version control and security updates, and reduce the risk of data loss.

Predictions and Future Challenges

Exploiting weak passwords is a proven strategy for bad actors. AI gives cybercriminals new ways to launch password attacks, making phishing more believable and credential attacks more powerful.

Organizations can counter password attacks by improving user awareness and seeking authentication methods that relieve password fatigue. Password management and generation take the pressure off individual users and makes it easier for admins to ensure policies are followed. Passwordless authentication through push notifications, one-time and time-based passwords add an extra layer of security.

JumpCloud Password Manager is integrated across our product and directly into all SSO applications. Read more to see how JumpCloud helps your team to securely manage and share passwords, 2FA tokens, and other sensitive information while giving your security team full control over passwords used across your organization.

Sign up to create a free trial account to see how JumpCloud improves password management and authentication for everyone on your team. If you’re not ready to get your hands dirty (yet) try signing up for a free, no-obligation demo from a JumpCloud expert to ask pointed questions and learn how JumpCloud may fit your specific needs.

Editor’s note: this article is meant to be a helpful guide for Linux administrators and enthusiasts, and does not necessarily imply direct coverage within the JumpCloud Directory Platform. While JumpCloud has a wide array of features that support multiple Linux distributions, we recommend looking at our compatibility matrix to ensure adequate coverage for the distributions you support. 

Encryption is considered to be a fundamental aspect of securing data. For Linux users, especially those using popular distributions such as Ubuntu, Debian, RedHat, Fedora, or others, selecting the appropriate encryption tools can significantly impact the security and performance of their system. We will comprehensively analyze existing and mostly used encryption tools available for these distributions so that we can explore features, strengths, and weaknesses. 

Before providing different encryption tools, we need to understand the basic concepts of encryption. Encryption is the process of converting data into code to prevent unauthorized access. It is achieved by using algorithms that transform the original information which is in plain text format into an unreadable format or ciphertext. There are multiple approaches to encryption and also the security itself depends on the strength of the algorithm and the secrecy of the key that is used to encrypt and decrypt the data.

Key Types of Encryption

• Symmetric Encryption: Uses the same key for both encryption and decryption. This type of encryption includes AES (Advanced Encryption Standard) and DES (Data Encryption Standard)
• Asymmetric Encryption: This type utilizes a pair of keys, where a public key is used for encryption and a private key for decryption. Examples are RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography).

Different Types of Encryption Tools for Linux

Several encryption tools can be used in Linux, and each of these has its unique features and use cases. They also come with pros and cons. We will focus on the following tools:

• GnuPG (GPG)
• dm-crypt/LUKS
• EncFS
• eCryptfs
• VeraCrypt

GNUPG (GPG) 

GnuPG, or GPG is an open-source implementation of the OpenGPG standard. It is mainly used when encrypting files and communications, offering both symmetric and asymmetric encryption. It works across multiple Linux distributions, there is a proper key management where we can generate, sign, or revoke a key. It supports both file encryption and email encryption. The only drawback is that can be challenging for beginners due to the command line interface and also complex key management.

Let’s try to generate a GPG key pair, encrypt a file, and then decrypt it. In this example, we will use the latest Ubuntu 24.04 version.

GPG is already installed on Ubuntu by default, so the next step is to generate a GPG key pair with the following command:

Choose the default setting under number 1, which is RSA and RSA.

Next, select the key size, where the 2048-bit setting is fine but the 4096-bit setting is more secure. 

The following prompt will ask us about the key expiration, so we can choose for how long you want the key to be valid. For this example, we can choose 0 for no expiration. To increase the security of your files and information, consider placing proper expiration.

The next prompt is where we can add the real name, email address, and potential comment. These fields are not mandatory and at the bottom of the prompt, you can press O and Enter.

Now we need to enter the passphrase so we can protect our key. Make sure to place complex passwords and combinations of letters (both uppercase and lowercase), numbers, and special characters.

After the process, you will get a similar output:

Now we can first create a sample file and encrypt it with our newly generated GPG key:

Make sure to change the command according to your user ID.

If we list the directory we will see that a new file has been created with the extension .gpg

Now, we can decrypt our file by running the following command. Also, we will be prompted for the passphrase that we set up earlier.

After the decryption process, we can see that the contents of our file are the same as the one we encrypted.

dm-crypt/LUKS

Dm-crypt and LUKS are often mentioned together because they are complementary components used for disk encryption in Linux. Dm-crypt is a kernel-level disk encryption sub-system which a part of the Linux device mapper, and it can encrypt entire disks or partitions. Since it’s a part of the Linux kernel, this means that it offers highly efficient encryption while supporting various encryption algorithms and key sizes. 

LUKS (Linux Unified Key Setup) is a standard for disk encryption and it is primarily designed to simplify the usage of dm-crypt. It provides a standardized on-disk format that ensures proper compatibility while simplifying the process of setting up and managing encrypted partitions. It also supports multiple passphrases, which allows easier key management and recovery.

In this process, when you configure the disk encryption you use tools like “cryptsetup” tool which will initialize LUKS on the partition and manage it. We have articles that cover the entire process of encryption with LUKS. 

EncFS

EncFS is an encryption tool where it runs without any kernel-level modifications. This type of encryption will encrypt individual files rather than entire partitions, and it is simple to set up and use for beginners. The drawback is that it is slightly slower than kernel-based encryption methods due to user-space operation. There is also a concern about the strength of its encryption compared to other tools.

If you try to install it on the latest version of Ubuntu, you will receive the following information:

eCryptfs

eCryptfs is a stacked cryptographic file system that allows you to encrypt certain directories. This tool will automatically encrypt and decrypt files as they are accessed. When it comes to integration, they are built into the Linux kernel, which ensures compatibility and performance. It is easy to use and generally, it has good performance due to kernel-level integration. One of the drawbacks is less flexibility regarding encryption options and configurations. There is also limited community support compared to other tools.

We can start by installing the utilities needed for this tool:

Next, we can create two directories, one for the encrypted data and one for the mount point.

Now, we can mount the “encrypted_data” directory to “decrypted_data” using eCryptfs:

We will be prompted to enter our preferred option, in our case we will use the passphrase. So, press 1 and press Enter.

We can also proceed with the default value of aes, select the keysize to 32, and type n for the Plaintext Passthrough option, since in that case files written to the eCryptfs mount point are not automatically encrypted. This can be useful for debugging and testing purposes, but make sure to disable this option in production environments.

In this process, we will also enable filename encryption:

We can now use the “decrypted_data” directory as we would use any directory in our system. The files in this directory will be encrypted and stored in the “encrypted_data” directory.

Next, we can create a file in the decrypted directory.

We can verify that the file is encrypted if we check the contents of our “encrypted_data” directory.

VeraCrypt 

VeraCrypt is a popular open-source disk encryption tool that is derived from TrueCrypt. It can offer both full-disk encryption and virtual encrypted disks. It is available for different operating systems such as Linux, MacOS, and Windows. VeraCrypt also supports the creation of hidden volumes for increased security. It comes both with GUI as well as command-line options. Some of the drawbacks are slightly higher overhead when compared to native Linux tools and some advanced features can be complex to configure.

Comparing Encryption Tools Across Linux Distributions

Different Linux distributions (and their communities) may favor one tool over another. The same goes for compatibility, default configurations, and package management. Here is a breakdown of encryption tools for popular distributions.

Ubuntu and other Debian-based distributions

• GnuPG: Essential part of the system, used for package signing and more.
• dm-crypt/LUKS: Supported with extensive documentation where tools like “cryptsetup” are readily available.
• EncFS: It is available in the repositories but due to security issues, it is not the preferred tool to use.
• eCryptFS: Commonly used for home directory encryption; it’s not pre-configured and may require a manual setup for Debian. 
• VeraCrypt: This tool is available for installation through third-party repositories, and the basic setup is relatively easy to use.

Redhat, Fedora, and other RHEL derivatives

• GnuPG: Mainly used for securing communications and package signing.
• dm-crypt/LUKS: It’s a preferred method of disk encryption and it also has enterprise-level support for RedHat. Cryptsetup is readily available, similar to Debian-based distributions.
• EncFS: It is available for installation, however, it is not preferred or recommended for enterprise environments due to security issues.
• eCryptFS: Supported, with good documentation and community support. It is less used compared to dm-crypt/LUKS.
• Veracrypt: Available through third-party repositories but it’s less commonly used in enterprise environments. It is directly supported by Fedora.

Choosing the Right Encryption Tool

Selecting the right encryption tool for your Linux operating system ultimately depends on your needs and the distribution you are using. 

We can recommend dm-crypt/LUKS for full-disk encryption across all distributions. It is a great choice that offers strong security and it doesn’t affect the performance of your system. 

When you need to encrypt specific files or directories, tools like GnuPG and eCryptFS provide enough protection as well as flexibility and ease of use. EncFS can be used for testing, but we are not recommending it for production environments. VeraCrypt is also a good choice for users who work across different operating systems and GUI can help with the configuration.

Choosing the exact encryption also depends on the requirements for your use case, security requirements, technical proficiency, and specific demands of your Linux distribution. By understanding the features and capabilities of each tool you can make an informed decision.

JumpCloud offers a wide range of management capabilities to support Linux systems across many different distros and versions. If you haven’t seen them yet, head to our Help Center where you can see what versions of Linux we support as well as guides on important topics like configuring settings for Linux policies, setting up patching schedules, and (of course) configuring data encryption on Linux devices.

Passwords were invented to protect things; to make systems more secure. 

But today? That is no longer the case. 

Instead of a reliable defense, passwords have become one of the weakest links in cybersecurity. Managed service providers (MSPs) face this struggle more than most. They manage countless user credentials, endless reset requests, and defend against password-related breaches across their clientele. 

Cybercriminals are getting smarter. Their ability to exploit weak or reused passwords is a growing threat to the integrity of client systems. Luckily, passwordless authentication provides a more secure alternative to using traditional passwords. Let’s explore why passwords are problematic for your business, how you can benefit from passwordless authentication, and how to implement it successfully.

Why Passwords are a Problem for MSPs

Can you guess the most common password in the world? 

Your guess is probably right. According to Cybernews it is “123456”. While it’s almost impossible to use such a password today due to password policies, weak passwords still lead to data breaches for many users.

In fact, weak passwords were the reason why 30% of internet users have experienced data breaches. For MSPs, making sure this never happens to their client is often the part of the deal. However, cyberattacks are more sophisticated than ever, which makes traditional password-based systems inefficient and risky. 

Some of the key reasons why as an MSP you should start rethinking about your password strategy for your clients:

Weak password practices

Many users continue to use weak passwords. Despite password policies, clients often reuse passwords across multiple platforms. They also create new ones that don’t meet security standards. If a system or app isn’t managed, the MSP may not have any control over the matter. This leaves gaps in client security postures that open the door to brute-force attacks and credential stuffing.

Credential theft and phishing attacks

57% of organizations go through phishing attempts on a weekly or daily basis.

Passwords are often the primary targets for attackers. They focus on credential theft largely through phishing attacks. Therefore organizations that don’t implement passwordless authentication are under higher risk of these attacks. Regardless of the amount of security training you put in place, passwords will always be a risk if they are still in the equation.

Password-related support ticket overload

Managing client password resets, account lockouts, and other passwords-related tickets consumes a significant amount of an MSPs’ time. This could be used for more critical tasks and strategic IT management instead.

Compliance risks

Compliance regulations like HIPAA, PCI-DSS, GDPR, and SOX mandate stringent guidelines around password policies. Ensuring all client environments meet these requirements can be a challenge, especially when each regulation has its own set of rules. On top of that, if you have multiple clients across different industries, it becomes even more difficult.

Security gaps due to human error

To err is human. Even when password policies are in place, human error leads to security risks. End users might bypass your policies (e.g. using personal information or predictable patterns in passwords) or fall victim to phishing attacks.

Suggested reading:Best Practices for IT Password Security

What is Passwordless Authentication?

Passwordless authentication is a security method that allows users to access applications, systems, and data without the need for a traditional password. Instead of requiring password input, passwordless authentication relies on alternative, more secure methods to verify user identities. These include biometrics, hardware tokens, email or SMS-based one-time passcodes (OTPs), cryptographic keys, and Single Sign-On (SSO).

Maintaining an organized set of IT assets is a continuous challenge. If users can’t easily find the assets they need, production bottlenecks may occur. If your IT team can’t keep track of what the organization is paying for, cost inefficiencies pile up. And if you don’t know what’s on your network, you can’t ensure that your network is secure. All of these unknowns make it hard to optimize your resources and make good decisions.

To manage your IT asset inventory effectively, you must first identify all the assets your organization has. This process is called discovery, and it’s the first step toward optimizing IT asset management (ITAM) for security and scalability.

IT Asset Discovery Definition and Importance

IT asset discovery is the process of identifying and organizing all the IT assets an organization uses. The result is a full inventory of software applications, databases, physical devices, cloud services, and more. This crucial first step is vital for pursuing a successful ITAM strategy.

Key Components of IT Asset Discovery

The process of IT asset discovery typically relies on a purpose-built software tool. The tool scans your network looking for individual assets and their specifications. Then it categorizes them according to those characteristics.

Some of the basic categories you may sort IT assets into during the discovery process include:

• What assets need management. Assets should be categorized according to their type. For example, mobile devices and endpoints may be in a separate category than software licenses.
• Where assets are located. Knowing where assets reside is a key goal of IT asset management. The question of “where” applies equally to physical geography, business function, and software environments.
• How assets function. This important component lets you define interdependencies between assets. For instance, you may group software licenses with the drivers necessary to run the software.

Examples of IT Assets

Anything that has value to your organization is an asset. IT assets are a subcategory focusing on how you process and communicate information through technology. This can include a broad range of items in a modern enterprise context.

Hardware Assets

Desktop workstations, laptops, servers, and smartphones are all examples of hardware assets. Peripheral devices like printers and smart displays are also part of this category. 

These are all physical devices that occupy a unique place in your network. Practically every device with a MAC address can be treated as a hardware asset.

Software Assets

Software assets include mobile, desktop, and cloud-based applications. This category also includes things like browser extensions and digital certificates. When it comes to Software-as-a-Service applications, both the SaaS solution and your licenses to use it are software assets, as well. 

Depending on the specifics of your organization, you may also treat intellectual properties as software assets. For example, the codebase of an application under development is a high-value IT asset distinct from most other types of software.

Virtual and Cloud Assets

Virtual machines, cloud instances, and serverless functions are all examples of cloud assets. These are similar to software assets, except that they exist independently of your in-house IT infrastructure. That gives them unique characteristics that merit special categorization.

Network Devices

All of the equipment your organization uses to maintain its network infrastructure — like routers, switches, and firewalls — also count as IT assets. These devices operate on your network and play an important role in ITAM, especially from a security perspective. 

IT Asset Inventory List

Creating an inventory list of your organization’s IT assets is the first step toward managing those assets effectively. This list can take many forms. Startups and small businesses may start by tracking assets in a document or spreadsheet; however, as they mature their ITAM program, they should look for a more sophisticated and robust asset management solution. Large enterprises must also use a dedicated database augmented with robust synchronization features.

Importance of an Inventory List

Your IT asset inventory list plays a major role in compliance. If your organization faces a financial or IT audit, it will have to access data on its entire inventory of IT assets. This applies both to organizations pursuing voluntary compliance frameworks and to those required to keep track of IT assets by law.

Beyond compliance, having comprehensive, up-to-date information on your organization’s IT assets also helps optimize operations and security. Good management boosts productivity and prevents loss. It empowers management to make better decisions and avoid business disruption.

How to Create an Effective IT Asset Inventory List

It’s important to create your IT asset inventory list according to a detailed plan. Take time to define your scope and objectives before looking for asset discovery tools. The ideal solution for your organization may be different from other organizations in your field. 

While startups and small businesses may create IT asset inventory lists manually, the needs of the modern enterprise require automatic discovery. Even a modestly growing organization will quickly find that manual processes can’t keep up.

There are two basic types of automated asset discovery tools:

• Agentless discovery tools rely on network protocols to discover IT assets. This tool sends out polls that interrogate connected assets about their identity and configuration. This is an active technique that requires pre-configured assets. For example, you may need to activate SNMP on newly connected devices so the agentless tool can recognize it.
• Agent-based discovery tools use a passive approach. You start by installing a client agent on every IT asset in your network. This agent sends data to your ITAM platform. This offers more information then the agentless approach, but it comes with higher maintenance costs and overhead.

Your preferred method of building an IT asset inventory list will influence your ability to tag and label assets effectively. Ideally, your organization will implement an automated system for issuing asset tags. Otherwise, you may manually have to complete that task. In either case, your team will need extensive training on your new asset management policies.

Features of IT Asset Discovery Tools

Both agentless and agent-based IT asset discovery tools work to achieve the same results. Both simplify the process of gaining visibility into IT infrastructure. They often go about it in similar ways, too. Here are three main features that your IT asset discovery tool should have:

Automated Scans and Updates

Automatically detecting connected devices and software is the main goal of asset discovery. To do that, your asset discovery tool must scan your entire network looking for devices and software. It can then identify these assets and report on their configuration.

Updates are also an important factor of IT asset discovery. These tools need to accommodate new devices and software as it hits the market. That means receiving updates showing how to identify new assets. High-quality scanners from reputable vendors generally take care of the update process autonomously.

Real-Time Monitoring

IT asset discovery is not a one-time task. Your organization will continue growing and changing over time. It will provision new assets, onboard new users, and deploy new technologies. You should not have to manually run IT asset discovery on a regular basis to accommodate these changes.

Instead, your scanning tool will run automatically in real time. When new devices are connected to your network, it will detect and gather data on them. This gives your IT team real-time visibility into your IT infrastructure and helps you maintain a robust security posture. If unauthorized devices or rogue assets are connected to your network, you should know about it quickly.

Comprehensive Reporting

Many organizations pursue IT asset management for compliance purposes. Your asset discovery tool should issue compliance reports that serve this goal. These reports demonstrate that your organization adheres to specific compliance requirements and consistent internal policies.

To generate these reports, your IT asset discovery scanner will need to create an audit trail as it scans your network. This allows you to compile documentation that shows how you detect and manage assets. Organizations pursuing GDPR, HIPAA, or SOX compliance must adhere to strict IT asset discovery regulations.

Benefits of IT Asset Discovery

The ability to track and categorize assets automatically provides a significant boost to efficiency and productivity. The larger and more complex your organization’s IT environment is, the greater these benefits will be. And if your organization plans to grow, establishing an asset discovery program as early as possible will help ensure your IT scales smoothly.

Enhanced Security

IT asset discovery can have a transformative impact on endpoint security. Without automated discovery, your security team can only detect newly connected assets through manual processes and proactive threat hunting. Gaining real-time visibility into your IT asset inventory enables faster, more accurate detection and response.

You can leverage the data generated by your asset discovery tool to improve operational security. For example, your insider risk team may wish to know how long a device under investigation has been in use in the organization. That data may not be available anywhere else. Your asset discovery scanner will tell you exactly when that device first appeared on your network — and where.

Improved Resource Management

The ability to easily map asset dependencies helps reduce the time and cost of asset maintenance. This improves your organization’s ability to manage resources that may otherwise be used wastefully. 

When configured correctly, your asset discovery tool can help you identify high-value assets nearing the end of their lifecycle. If your IT team prioritizes preventative maintenance for these assets, you can mitigate the risk of costly disruption when they fail. If the asset can’t be repaired, you may choose to proactively replace it.

Compliance and Risk Management

Many regulatory frameworks include IT asset discovery in their requirements. Others avoid specifically calling for automated discovery. Nevertheless, achieving compliance with these frameworks is often much easier with a full-featured asset discovery tool.

That’s because manual IT asset discovery processes are time-consuming and error-prone. Compliance frameworks generally want to reduce the risk associated with these kinds of activities. Implementing a robust, automated solution makes it far less likely that your team overlooks an important IT asset.

Cost Savings

Tracking your IT assets and understanding the relationships between them improves efficiency across the board. When leaders and managers have accurate information about their assets, they are better equipped to keep up with the organization’s changing needs.

This translates directly to increased cost savings. Investing in IT asset management reduces the risk of asset underutilization and feature duplication. It helps decision-makers accurately predict costs and identify ways to reduce them over time.

This is especially true when supported by a strong IT asset management strategy and combined with IT service management (ITSM) processes. These two concepts provide ample opportunity to reduce costs without compromising on quality or productivity.

How to Choose an IT Asset Discovery Solution

Before you can choose the right IT asset discovery solution, you must carefully assess your broader ITAM strategy. Understanding your short-term and long-term goals is key to finding the solution that delivers value.

Evaluating Your Needs

No two organizations have the same security risk profile, asset inventory, or growth strategy. Your choice of IT asset discovery solution is a reflection of your organization’s needs.

For example, your growth goals will determine how scalable you need your solution to be. If your organization has a large number of unregulated, outdated, or duplicate assets, you’ll need a robust, automation-ready solution built for visibility and policy enforcement. Organizations pursuing regulatory compliance may need specific features stipulated by regulators.

Key Criteria to Consider

When looking for an IT asset discovery tool, prioritize integrated solutions that provide a single source of truth for your entire tech stack. Conducting ad hoc integrations for unsupported devices and applications can quickly slow down the IT asset discovery process. It can introduce user experience friction and may even impact your security posture.

Discovering unmanaged applications and IT resources is vital to asset management and security. Simplify the process with a full-featured IT asset discovery and management platform with streamlined user provisioning, utilization monitoring, and access request management. JumpCloud can help you consolidate IT management and security through its simple and powerful open directory platform. Sign up for a 30-day free trial to find out more.

After several notorious ransomware gangs were knocked out by law enforcement in 2023, ransomware attacks are on the rise again and soaring to all-time highs in 2024. Many gangs quickly reorganized and reformed, with leaders launching new platforms and expanding their web of bad actors. 

Ransomware attacks are bigger and bolder than ever this year, but even as attackers focus on new targets, small- and medium-sized enterprises (SMEs) remain under threat. With security breaches and ransom prices surging, it’s critical to stay on top of the latest attack tactics, gangs, and news. Let’s see who’s behind the most damaging ransomware attacks this year, and how you can protect your network, customers, and co-workers. 

Recent Ransomware Attacks In 2024

This year ransomware is on pace to cause over $40 billion in losses for organizations in the U.S. Ransoms, lost productivity, and system outages all factor in the equation. And large-scale breaches involving ransomware are not a phenomenon of 2024 at all. But even worse, people’s lives are increasingly put at risk by malicious attackers. These are some of the most alarming attacks of 2024.

September 2024

NHS London: Qilin ransom gang unleashed an attack that compromised the data of almost 1 million National Heathcare System patients in London hospitals. The attackers published personal information about patients with sensitive medical conditions like cancer and sexually transmitted diseases.

Stillwater Mining Company: In September, Stillwater company officials discovered the personal information of over 7,000 employees had been stolen using RansomHub RaaS (Ransomware as a Service). The attack first happened over the summer, but it took Stillwater months to catch on to the breach.

Kawasaki Motors Europe: RansomHub was also behind a major attack on Kawasaki’s European offices. Kawasaki swiftly shut its servers down to isolate the issue and perform recovery operations. RansomHub claims to have stolen almost 500 GB of data.

August 2024

City of Columbus, OH: Rhysida ransom group stole a massive 3TB of data from the City of Columbus, including sensitive employee records and data. After the city refused to meet Rhysida’s ransom price all the data was dumped onto the dark web.

Sumter County, FL Sheriff: Rhysida hit another government target, breaching the Sheriff’s Office systems and potentially compromising 150,000 citizens. Passports, SSNs, and other data was stolen. Rhysida demanded a payment of 7 bitcoin (worth almost half a million dollars).

Keytronic: Electronics manufacturing firm Keytronics reported losing over $17 million due to a ransomware attack by Black Basta, that disrupted production and office operations at its facilities in the U.S. and Mexico.

July 2024

Disney: NullBulge Group stole 1TB of data from Disney’s internal Slack platform and leaked it online. The breach included unreleased Disney projects, concepts, artwork, and code. The hackers asserted they were acting in the name of “artists’ rights.”

AT&T: Hacker group ShinyHunters stole metadata from all call logs and texts made by AT&T customers over a six-month period in 2022.

Rite Aid Pharmacy: Over 2.2 million patients were compromised by RansomHub attackers that posed as Rite Aid employees to steal their data. RansomHub threatened to leak personal information, ID numbers, and driver’s license information obtained from Rite Aid. 

June 2024

Panera Bread: An attack by an unknown group interrupted service on Panera’s website, app, phone systems, and POS systems. Thousands of employee social security numbers and other personal information was also stolen in a major data breach. Internal sources indicate Panera succumbed to the attackers’ demands, paying an undisclosed ransom.

Pandabuy: Giant Chinese shopping platform Pandabuy paid a ransom to prevent stolen customer data from being leaked — but then the hackers immediately demanded another ransom. The ongoing conflict resulted in 3 million rows of customer data being leaked onto BreachForums.

Cleveland, OH: An unknown hacking group forced Cleveland City Hall to temporarily shut down due to a ransomware attack that debilitated city computer systems.

CDK Global: BlackSuit ransomware caused a major IT outage that wreaked havoc on thousands of car dealerships in North America. CDK struggled to restore services to the dealers effectively or in a timely manner, forcing them to pay the ransom so auto dealers could get back online.

May 2024

Wichita, KS: Several government services were shut down to prevent a malware attack from spreading across its entire network. LockBit was responsible for the attack that disrupted payment systems and brought flight operations to a halt at the Wichita airport.

Ascension Health: An “honest mistake” led to a disruption of clinical operations at one of the largest Catholic health providers in the U.S. Black Basta was behind an attack that launched after an employee mistakenly downloaded a malicious file.

Ohio Lottery: 500,000 people were affected by an attack on the Ohio State Lottery. Hacker group DragonForce took credit, and said they gained access to employee and player data including contact information, birthdates, winnings, and social security numbers.

Ticketmaster: ShinyHunters stole credit card details, contact and personal information from over 550 million Ticketmaster/Live Nation customers. The group put the data up for sale on the dark web, priced at half a million dollars.

Aril 2024

Omni Hotels: Daixin ransomware launched an attack that took down Omni Hotels’ network nationwide and impacted reservations, hotel room locks, and POS systems. Daixin posted screenshots of sensitive stolen data from over 3.5 million Omni guests.

Group Health Cooperative (Wisconsin): A BlackSuit data breach stole personal and medical documents from more than 500,000 patients. Systems were shut down for several hours as internal IT teams worked to contain the attack. 

United Nations Development Programme: UN systems were breached by 8Base, disrupting UN operations in Copenhagen. During the attack 8Base claimed to steal massive amounts of confidential information, including accounting records, contracts, invoices, and other official documents.

UnitedHealth Group: BlackCat ransom group, also known as ALPHV, stole 6TB of sensitive patient data. United Health stated the breach caused more than $800 million in financial damages — in addition to meeting BlackCat’s demands for a $22 million ransom.

March 2024

Duvel Brewery: Beer production was brought to a halt at one of Belgium’s largest breweries after a ransomware attack by Stormous.

Crinetics Pharmaceuticals: Internal IT teams uncovered suspicious activity in an employee account — but by the time they had isolated the threat, LockBit posted that they’d breached Crinetics systems and stolen major amounts of data. LockBit demanded a $4 million ransom.

MarineMax: Rhysida ransomware struck the world’s largest luxury yacht dealer, stealing financial information and company records as well as information from a database of the world’s wealthiest customers. Rhysida put the data up for sale for the price of 15 bitcoin.

February 2024

Lurie Children’s Hospital: The Chicago children’s hospital had to take IT systems offline and was forced to delay care for many of its patients. Rhysida set a price of $3.7 million for 600GB of data that may include as many as 200,000 patients. After Lurie refused to meet the price, the data was leaked online.

California SEIU 1000: A union that represents 100,000 California workers suffered network outages after an attack by LockBit. The ransomware gang stole employee SSNs, financial documents, and salary information.

Trans-Northern Pipelines: The Canadian petroleum pipeline operator was hit by a ALPHV ransomware attack. Trans-Northern said their security teams quickly isolated the incident without major issues, but ALPHV claims to have stolen almost 190GB of company data and documents.

January 2024

Fulton County, GA: A LockBit attack crippled Fulton County government systems for weeks, causing problems for utilities, court, and tax networks. Everything from marriage licenses to police operations were affected, and many offices had to resort back to using paper forms during the outage. LockBit claimed they gained access to “confidential documents” and threatened to leak them.

loanDepot: An unknown group disrupted payment systems that disrupted mortgage payments for millions of loanDepot customers. The hackers also stole the data of over 16 million customers, potentially including bank account information. 

Bucks County, PA: Hackers knocked out 911 terminals inside fire, police, and emergency vehicles in a Pennsylvania county home to 650,000 residents. The National Guard was brought in to assist with emergencies as the county attempted to resolve the issue.

Schneider Energy: Cactus ransomware stole terabytes of company data in a breach. The attack compromised over 2,000 enterprise clients including Walmart, PepsiCo, Hilton, and DuPont. It’s unknown whether ransom demands were met. 

Notable Ransomware Groups

Even after coordinated federal and international crackdowns, ransomware gangs are as powerful as ever. Groups that were previously broken up emerged under new criminal organizations, and newer gangs rose to prominence in some of the highest-profile attacks of the year. These are a few of the most dangerous names in ransomware. 

LockBit is a Russian gang with global reach that roared back with a vengeance in 2024 after suffering a defeat when law enforcement took down its platform. LockBit provides RaaS (Ransomware as a Service) and has been the most deployed ransomware since 2022. Because of LockBit’s popularity, attacks can vary greatly in tactics and techniques.

ALPHV/BlackCat was formed after a gang known as BlackMatter’s servers were taken down by a sting in 2021. ALPHV makes some of the most technically advanced ransomware out there, capable of evading even the top cybersecurity systems. They’re thought to have the most experienced and tech savvy network of affiliates, and attack both Windows and Linux systems. ALPHV is one of the only ransom gangs to use a “triple extortion” technique leveraging stolen data, encryption, and denial of service attacks.

Rhysida is a fast-rising, aggressive ransomware gang responsible for some of the most damaging attacks in 2024. Rhysida’s malware was initially considered to be novice, but it rapidly became more elaborate and difficult to detect. Rhysida has led the offensive against healthcare systems and government offices.

Hunters International, ShinyHunters, 8Base, and BlackSuit are other established ransomware gangs that thrived in 2024. DragonForce and RansomHub are newer names emerging as more formidable threats this year.

Latest Ransomware Trends

Several ransomware trends took hold this year, with attackers focusing on bigger targets and demanding bigger payouts to match. Attacks on infrastructure became more common — attackers went hard after healthcare systems, government offices, and supply chain vendors.

Like everyone else, hackers increasingly deployed AI to help them carry out attacks. AI allows malware to adapt in real time to evade security, or can be used to clone voices, email, or other communications to make phishing seem more legit.

Ransomware as a Service continued to grow in popularity, as ransomware providers made their platforms more accessible to bad actors with fewer technical skills. Ransomware also got more sophisticated across the board, taking advantage of zero-day vulnerabilities more frequently and utilizing remote access tools to improve the effectiveness of attacks.

As always, phishing attacks on individual employees were one of the most effective ways for ransomware gangs to exploit systems. Attackers often breached security through individuals in BYOD situations or on SaaS cloud platforms with fewer safeguards.

With ransomware becoming more accessible and sophisticated, it’s predicted that attacks will only get more frequent — and more disruptive — as we head into 2025.

Ransomware Prevention and Protection

Ransomware can be tough to defend against because it can infiltrate an entire network through just one user. The more you can do to protect your users and network, the better chance you’ll have to successfully fend off bad actors.

Best Practices for Preventing Ransomware

These are some tried-and-true methods to help prevent a ransomware attack and keep your network running securely.

• Use Zero Trust security policies following a “trust nothing, verify everything” principle.

• Secure your network with unique passwords and multi-factor authentication (MFA).

• Keep security patches up to date on all software and services like email, servers, and VPNs.

• Back up data frequently, on multiple different media formats and keep one off-site copy.

• Educate users about device safety and how to recognize the latest phishing scams.

• Utilize AI to fight malware or other malicious threats.

Choosing the Right Security Solutions

The most effective security solutions vary from organization to organization. By taking the time to analyze the specifics around the way your company uses technology, you’ll gain the insights to develop a rock-solid defense strategy.

• Map attack surfaces and be aware of the latest ransomware attack vectors to identify vulnerabilities and determine best defenses.

• Evaluate security risks of SaaS or other third-party platforms your organization is using.

• Evaluate vulnerabilities unique to remote work and BYOD.

• Consider access controls like single sign-on (SSO), conditional access, password management, or passwordless authentication to improve individual user security.

• Unify IT stacks to reduce exploitable security gaps.

Recovery and Response Strategies

No matter how good your defenses are, sometimes ransomware sneaks into your system. By having a response plan ready to go, you can mitigate attacks quickly and stave off major damage.

• Create an incident response plan with standardized protocols for identifying and managing breaches.

• Isolate the infected system to prevent ransomware from spreading.

• Remove ransomware with antivirus and antimalware software, then clean the infected system.

• Restore data from a clean backup source. Refrain from using backups that were made while the system was under attack as they could contain encrypted files that could relaunch the attack.

• Review your security response and make improvements where vulnerabilities are detected.

• Explore insurance coverage against ransomware and other cyberattacks.

If considering a ransom payment, be aware that meeting attackers’ demands usually encourages future attacks.

Secure Identities, Devices, and Access with JumpCloud

JumpCloud brings together a variety of services that bolster your defenses against all sorts of attacks, including ransomware attacks. Whether you leverage JumpCloud to manage your device fleet, end user identities, single sign-on access, or any combination thereof, JumpCloud has the capabilities to help you lock down and protect your organization and minimize your exposure to these types of attacks. 

Learn more about how JumpCloud reduces attack surfaces, makes authentication more reliable and efficient, protects against phishing attacks, and unifies platform and device management across your network.

For managed service providers (MSPs), competition can be stiff, which makes client retention critical. 

Recent findings from JumpCloud’s 2024 SME IT Trends report, however, revealed some indicators of downscaling in small- to medium-sized enterprises’ (SMEs’) MSP contracts: the percentage of SMEs outsourcing their entire IT management has dropped from 42% to 29%. Despite these drops, however, SMEs still seem invested in their MSP relationships: 76% of SMEs use MSPs for some level of IT support, and 67% plan to increase their investment over the next six months. So, how can you leverage SMEs’ continued interest in MSPs, prevent churn, and encourage deeper investments with your SME clients?

This blog will dive into the potential factors driving this downtick in full MSP investment and ideas for retention strategies you can implement to strengthen your client relationships.  

Note: all data cited in this blog is sourced from JumpCloud’s eBook, Your Route to Positive Client Interactions, unless otherwise cited. 

Understanding Churn Drivers

Understanding the factors that are likely contributing to churn and downscaling is the first step to implementing effective retention strategies to reverse the trend. The following are three common churn drivers among SMEs. 

1. Cost and Mismatched Services

One of the leading causes of client churn is cost. With 75% of SMEs reporting rising licensing and subscription fees from their vendors, it’s no wonder that 28% have decided to stop working with MSPs due to affordability concerns.

In addition to cost concerns, many SMEs feel that the services provided by their MSPs are no longer suitable for their evolving needs. For instance, the report reveals that 26% of SMEs believe they have outgrown their MSP’s offerings, 21% find that their MSPs offer more services than they require,and 16% of SMEs expressed that they felt too small to be a priority for their MSP.This mismatch can create frustration and drive customers to look elsewhere for an alternative MSP with offerings that better align with their requirements.

2. The Security Imperative

Security is a significant concern for SMEs, and it plays a critical role in client retention. In fact, 39% of SMEs (both those that use MSPs and those that don’t) express doubts about MSPs’ ability to manage security effectively. This highlights potential for churn for current customers as well as a barrier to entry for SMEs not yet using MSPs. 

Fortunately, more than half (56%) of the SMEs already working with MSPs reported that their MSPs have improved their security posture.This indicates that many MSPs are delivering on their clients’ expectations of security — the problem may lie in their ability to communicate those services and benefits upfront. 

This situation presents a unique opportunity for you to differentiate your services. By making security a cornerstone of your offerings and including your security offerings clearly in your messaging, you can build trust and loyalty among your clients. Additionally, offering security-focused services or add-ons can enhance your value proposition, showing clients that you prioritize their safety.

3. Poor Client Experiences

The client experience is another vital factor in retention. Nearly a quarter (23%) of SMEs have terminated relationships with MSPs due to poor customer service. This statistic highlights the importance of prioritizing every interaction with your clients. Investing in training for your customer-facing staff will empower them to deliver exceptional service and promptly address any concerns.

Nearly a quarter of SMEs have terminated their relationship with MSPs due to poor customer service or a bad experience.

Strategies for Reducing Churn

To effectively combat churn and attract new customers, consider implementing the following strategies:

1. Diversify your service offerings: Develop flexible service packages that cater to various business sizes and requirements. This approach will help address the concerns of SMEs who may feel underserved or overwhelmed.
2. Foster open communication: Regularly check in with your clients to assess their satisfaction and evolving needs. Staying aligned with their expectations is critical to maintaining a positive relationship with them.
3. Implement feedback loops: Actively seek client feedback and respond to it. This will help you identify areas for improvement before they escalate into reasons for termination.
4. Highlight value beyond cost: Clearly communicate the value you provide — not just in services, but also through enhanced security, compliance support, and the peace of mind that comes with having a dedicated IT partner.

Looking Ahead: Building Lasting Partnerships

By understanding the factors that contribute to client churn, you can strengthen your relationships with SMEs as well as build your customer base. Addressing concerns related to cost, service fit, customer experience, and security will be key to differentiating yourself and communicating your value in a way that resonates with your SME customers.

To dive deeper into these stats and other related to SMEs and how they work with MSPs, check out JumpCloud’s free report, Your Route to Positive Client Interactions.