3min. read

With organizations looking to formalize hybrid work as a part of their workplace transformation strategy, enterprise IT architecture now includes a new kind of branch—the home.

Work from home has been firmly established as a new normal, and companies around the world are using this newfound flexibility as a strategic advantage to retain and attract talent in a competitive market. In a recent survey, 62% of employees want to work in a remote or hybrid manner post-pandemic, even if they can access their workplace.1

With this new reality of work, the footprint that IT security must protect has vastly expanded. Every home is now like a branch office, and all of those home “branches” are full of unknown and unmanaged risks. Today, employees are spending an order of magnitude more time working from home, including highly sensitive work. That means the level of risk most organizations are exposed to has increased dramatically in the last 18 to 24 months. It also means that the remote security solutions which may have been sufficient a couple of years ago may no longer be the right solutions.

So Many Things, So Little Security

Working remotely, in and of itself, is not the problem. The problem instead is the home environment, filled with personal and IoT devices, all of which have the potential to introduce new and dangerous risks to enterprise security. Two big factors make the home particularly important to secure:

  1. Easy-to-target home networks make lateral attacks a real concern for enterprises. Finding the home IP address of an executive or employee with access to sensitive information is a fairly trivial task for an attacker. Finding an already compromised device or compromising an unsecured device on that home network is an easy next step.
    1. Additionally, employees today expect the flexibility to do work as they wish on their personal devices, even as we have seen an explosion in the number of IoT devices on the home network. This new reality adds to the complexity of managing and securing work-related devices at homes.
  2. Many employees use devices beyond just laptops to do their work. Think of a mechanical engineer working on a confidential hardware prototype at home, a call center agent using a VoIP phone at home, or employees using their printers. These devices are mostly agentless, making them challenging for IT teams to secure.

Such challenges are multiplied by the fact that most IT teams have little visibility into the remote worker’s home network, creating a weak link in the enterprise security strategy. Any company moving towards a Zero Trust security model must now consider and plan for how the home fits into their approach.

To Defend the Home, You Have to Protect the Home

Inside of the corporate network, enterprise IT manages and protects the network. In the home, who protects the network? Consumer-grade Wi-Fi routers in homes often run outdated software or do not have robust security capabilities, leaving employees and companies vulnerable to malicious actors.

It’s time to look beyond the hope that employees working from home are taking the right steps to secure themselves and, by extension, the company data. In the enterprise, networks are protected with a combination of hardware, software and policy management. A similar combination can be extended into the whole home.

An enterprise-grade router that can provide premium throughput and coverage is a necessity for a modern approach to securing the home worker—along with the ability to extend enterprise-grade security protection and policies to the corporate segment in the home network. If you’re not protecting the home “branch” with enterprise-grade security, what are you protecting it with? And what risk does that create for your enterprise?

When the Office Is Home, Privacy Matters

Alongside enterprise-grade security comes the need to respect the personal privacy of those working from home. Enabling enterprise-grade security in the home cannot mean that the enterprise has visibility into all network traffic in the home. The optimal solution secures the whole home and separates work devices from the personal home network, ensuring that enterprise IT will have zero visibility into the employee’s personal network.

Securing the Home Branch Is the New Security Imperative

With home established as the new branch office, it’s time to establish a proactive and Zero Trust approach to its security—as a key part of the holistic enterprise security strategy. Organizations need to partner with their employees closely and invest in modern cybersecurity solutions that holistically secure the home network without compromising user experience.

Home is the new enterprise security frontier. So you’ll need to ensure you protect it.

Palo Alto Networks recently introduced Okyo™ Garde Enterprise Edition to provide enterprise-grade security for work-from-home employees. Learn more here.

1. The State of Hybrid Workforce Security 2021, Palo Alto Networks, August 25, 2021, https://start.paloaltonetworks.com/state-of-hybrid-workforce-security-2021.