As enterprises rush to adopt AI, they are overlooking the fundamentals. A new global analysis of millions of endpoints reveals dangerous deficits in patch management, OS updates, and device encryption, leaving critical industries exposed.
The enterprise IT world is chasing efficiency through artificial intelligence, but is losing sight of its foundation. According to Omnissa’s inaugural “State of Digital Workspace 2026” report, a widening gap between AI ambition and basic cyber hygiene is creating a fractured end-user computing landscape where policy-based management is no longer enough to counter modern threats.
The AI Paradox in the Digital Workspace
The Omnissa State of Digital Workspace 2026 report paints a sobering picture of the modern enterprise. Based on anonymized and aggregated telemetry data from millions of endpoints across 17 industries worldwide between January and December 2025, the study finds a clear bifurcation of strategy. While organizations invest heavily in AI and automation to boost operational efficiency, they are simultaneously allowing shadow apps, device non- compliance, and hidden hygiene gaps to undermine their risk posture.
“AI currently dominates every discussion about enterprise IT. The prevailing mantra seems to be ‘fight AI with AI.’ As a result, awareness of the importance of basic cyber hygiene is suffering, even though it is the essential prerequisite for secure IT workplaces,” the report analysis states. The conclusion is stark: management based solely on standards and policies is failing. How can you secure and optimize an environment you can’t fully see?
The answer, according to Omnissa, is a fundamental shift from reactive auditing to proactive remediation powered by deep, end-to-end observability.
Patch Velocity: A Tale of Two Ecosystems
One of the report’s most revealing findings concerns patch velocity. The speed at which operating systems are updated varies dramatically by platform. Devices in the Apple ecosystem are updated significantly faster by users than their counterparts. iOS and macOS devices are patched eight times faster than Android devices and 1.5 times faster than Windows devices.
This inconsistency creates a vast, uneven attack surface. The delay is not merely a technical inconvenience; it is a critical vulnerability that AI-powered threats can exploit in an automated manner. First-party hardware-software integration, as seen with the recent 988% year-over-year growth of Google Pixel devices in the enterprise, appears to be one driver for faster security patching.
Critical Sectors Lagging Behind
More concerning is where the delays are happening. Critical, highly regulated industries are lagging significantly behind on OS updates. The healthcare, pharmaceutical, and retail and wholesale sectors frequently neglect the updating of their operating systems. This is particularly alarming given the sensitive data these sectors handle. The report suggests that complexity, legacy systems, and concerns over operational disruption cause IT teams to postpone essential updates, creating prolonged windows of exposure.
The Alarming Reality of Unencrypted Endpoints
Perhaps the most critical security gap identified is the lack of encryption. The proportion of unencrypted desktop PCs is alarmingly high. According to the telemetry, 20% of desktop PCs and mobile devices in government agencies are not encrypted. In the education sector, that figure rises to over 50%.
An unencrypted device that is lost or stolen represents an immediate data breach. In an era where a single compromised endpoint can serve as an entry point for a larger ransomware campaign, this lack of fundamental protection is indefensible. It exposes what Omnissa calls “the illusion of compliance” – organizations may have policies requiring encryption, but operational reality shows they are not enforced.
From Policy to Observability
For experts like Ralf Gegg, who brings nearly 20 years of experience from VMware and around ten years from Computacenter and is now one of Omnissa’s leading specialists in scalable workforce protection, the conclusions are clear.
“Traditional, policy-based controls can no longer keep pace with threats to today’s digital work environments. By switching from reactive policy and audit controls to a security strategy based on continuous observability, companies can proactively and reliably detect and defend against today’s constantly changing risks,” says Gegg.
The era of “management by standard” is over, the report concludes. The enterprise perimeter has dissolved, the hardware catalog has fractured into specialized ecosystems, and unsanctioned AI apps have created a new “shadow perimeter.” The future belongs not to organizations with the strictest policies on paper, but to those that achieve radical visibility across every device, app, security layer, and user experience to drive data-driven decisions.

Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM.
Contact via Mail: jakob.jung@security-storage-und-channel-germany.de