Work-from-home security practices arrive at the office

Employees are returning to the office, which, for a split second, might sound like a relief if you’re on the IT team. After all, what’s better than a nice, controlled perimeter. A firewall protecting the network. A castle back within the moat! But many employees still expect to be working from home, at least some of the time.

“It’s not so much the return to office as it is the partial return to office,” said Seth Robinson, senior director of technology analysis at the nonprofit trade association CompTIA.

As employees kinda sorta return to their cubicles, they’ll bring with them more than just their backpacks from 2020. Workers are returning with security setups from the work-from-home era.

Tools like endpoint detection and response, conditional access control, cloud access security brokers, and multi-factor authentication—valuable practices for a perimeter-free environment—are likely to be effective and in use in an office environment as well.

“What we’ve seen…happening is offices turning into coffee shops. They’ve got a coffeemaker, a refrigerator, desks, and free wi-fi. And they are operating very much like you would operate at home,” said Jason LaPorte, CTO/CISO of Power Consulting.

In other words: The same security safeguards that protected users as they began working from home are still in effect in office environments. Software-defined networks (SD-WANs), for example, enforced access control at home, and they’ll likely find a role in the office, according to Brian Haugli, CEO at the cybersecurity and privacy firm SideChannel.

An April 2022 report from Futuriom of 118 US-based enterprise networking and IT managers found that 83% of respondents said that digitalization and hybrid work environments have increased their need for SD-WAN managed services.

“Now, with the return to the office, people are seeing the value out of software-defined networking, over having hardware-defined networking,” said Haugli.

Other practices that proved effective during the WFH days—multi-factor authentication and tools that monitored suspicious behavior, like a login from an unexpected destination, for example—play a valuable security role in-office, too.

“You still need to control access to your file servers and your email. You can’t remove that now just because people are all together in the same room,” Haugli told IT Brew, also noting the importance of conditional-based access rules and EDR software, which can quickly contain and eradicate malicious activity.

“Most of those offices were lacking the right security protocols in the first place. You introduced them during the pandemic, thank god. Now keep doing the right things while you’re back in the office,” said Haugli.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.