2024 has been a year of seismic change with a new government coming into power and a UK budget that will undoubtedly impact the UK’s small to medium-sized enterprises (SMEs) in 2025. So, as we look ahead to next year, what technology trends will lead?

We see several dominant trends: a larger proportion of the workforce returning to the office, the increasing adoption of AI, and a heightened focus on security coming from JumpCloud’s bi-annual SME IT Trends reports in 2024. Additionally, data sovereignty issues will come to the forefront as organisations worry about where their data resides, and ever-growing compliance requirements will become a business necessity – no matter the organisation's size.

Welcome back to the office

In 2024 we witnessed more employees returning to their offices or newly centralised work areas, tipping the scale from previously fully remote employees in favour of more hybrid working options. This increasing demand for in-office support is impacting IT teams who must now handle more physical IT support issues than they’ve become used to. Many of the simple problems that users resolved at home are now being directed to the IT department – ‘Where is the toner?’

This forces companies with limited resources to turn to managed service providers (MSPs) for dedicated IT support – either outsourcing their IT support needs or specific elements to a service desk. According to JumpCloud’s report, UK SMEs are looking to deepen their ties with MSPs, with 67% planning to increase their MSP investment in the next 12 months.

Persistent Passwords123!

While length and complexity requirements align with many organisations’ best practices, many long passwords drive users to resort to unsecure methods for remembering them or worse, re-using the same password across multiple accounts.

Fortunately, NIST updated their password guidelines to remove arbitrary resets and complexity rules. IT can now easily remove these while maintaining security, but how people generate and store those passwords still needs to be top of mind. On average, the number of passwords employees are using has increased. This may account for why the use of biometrics for employee authentication has gone up significantly in the UK. According to our latest Detours Ahead: How IT Navigates an Evolving World report, 68% of respondents use biometrics for employee authentication, up from 44% from the previous report. This way, employees have fewer passwords to manage.

AI becomes a force for good

While there has certainly been a lot of hype around GenAI, there is no doubt that artificial intelligence (AI) is revolutionising workplaces by automating routine tasks, sharpening decision-making, and delivering highly personalised user experiences. We've seen from our latest SME IT Trends Report that organisations are investing, bullishly, and there is more appetite from UK businesses to embrace AI. We’ve found that 81% of organisations either agree or strongly agree that they should be investing in AI initiatives, an increase from 70% in Q1 2024. Furthermore, 75% view AI as a net positive for their organisation.

A once ill-defined initiative that fell into the laps of IT and security teams is becoming more defined and actionable. Use cases are beginning to stabilise, and end users are looking to enhance their productivity with artificial co-pilots. Prompts are starting to have more purpose.

Without a doubt, we will see accelerated adoption of these technologies in the coming year, but with the caveat that any AI is implemented in a controlled and strategic manner. Enterprises will be looking for AI with guardrails and the ability to control AI application risk in 2025.

Data sovereignty is now a business priority

While it might be a bit of a cliché to say data is the new gold, organisations are going to be questioned more rigorously about where their data resides and who manages it. With the advent of GDPR and other subsequent privacy laws around the world, more and more countries are now concerned about personal identifiable information (PII) and other forms of data being available to foreign governments and other legal challenges. Data sovereignty also has immense relevance in cloud storage applications as companies sometimes host servers in different countries from where the data is collected. Data sovereignty will become even more critical as the internet grows and expands. Therefore, organisations will want to domicile data closer to their users, and increasingly, global organisations will want it domiciled in multiple locations for protection and resiliency.

Compliance applies to all companies – both large and small

While this is a heavy term that’s been around a while, we’ll see an increased focus on a variety of regulatory measures like UK Cyber Essentials and other certifications permeate to ever smaller organisations. Between government regulations, cyber insurance requirements and a generally lower tolerance for IT risk, more companies are going to get serious about organisation-wide compliance initiatives. To this point, the EU’s Network and Information Systems Directive 2 (NIS2) for cybersecurity resilience entered full enforcement in October 2024, and compliance with its requirements presents major challenges for many companies, both large and small. While most IT professionals are confident of achieving NIS2 compliance, they also acknowledge that this cybersecurity directive has exacerbated existing challenges such as resource constraints and skills gaps.

It will be exciting to see how these trends continue to evolve in the year ahead and what matters most to UK SMEs. Watch out for our next bi-annual SME IT Trends report, launching in January 2025, where many of these developments and learnings are captured.