Companies based in the United States contemplate a return to onsite work, sparking concerns about the security of hybrid work environments

As the COVID-19 pandemic forced millions of corporate employees to work remotely, companies have faced enormous security challenges. With workers collaborating across often insecure local networks and sharing Wi-Fi connections with their remotely educated children, the increasingly distributed global workforce has created new vulnerabilities for cybercriminals.

According to a report, there is a 95% likelihood that threat actors will continue to target the workplace going forward. This shift to remote work has led to company data likely being accessed from unprotected or unmonitored devices during the pandemic.

In response, some of the nation's leading technology firms are planning to return to the office as the COVID-19 vaccines are rolled out. Google, for instance, is planning a limited return to the office starting this month, based on state-by-state COVID-19 data and vaccine availability. Microsoft's global workforce has about 20% of its members back in office, starting from offices in 21 countries, including Redmond, Washington.

However, firewalls and VPNs are no longer sufficient to protect systems and data in the emerging hybrid environment. Companies need to rethink how they approach authentication in this new landscape. Google operates under a zero trust model called BeyondCorp, which was implemented in response to the 2009 Operation Aurora attacks. The tech giant also launched BeyondCorp Enterprise in January, a scalable, agentless module that operates through the Google Chrome browser.

Companies should develop work policies that enable productivity while leaving room for unplanned events. This includes data classification, remote access, acceptable use, and device security policies. Alteryx, a data analytics firm, is still operating remotely but has reopened its Munich and Prague offices and plans to reopen additional locations over the course of the year.

Despite these efforts, IT security officials have no visibility into what employees are doing on their networks. This lack of visibility highlights the need for companies to prioritise cybersecurity as they navigate the challenges of the hybrid work environment. Threat volume rose 48% between March 2020 and February of this year, underscoring the urgency of the situation.

As the work landscape continues to evolve, it is clear that companies must adapt their cybersecurity strategies to protect their data and maintain the trust of their employees and customers.