Right now, there’s an awful lot of talk from cybersecurity professionals about how dangerous the office network security setup has become as employees are returning to work. If you google “return to work cybersecurity,” all the articles out there have dire news and predictions. This is a bunch of BS. 

 Let’s talk about the reality of the business network security situation right now, without all the fear-mongering nonsense. 

TL;DR: The same cybersecurity issues with WFH also show up in the office. The best way to keep your office network secure is to provide security refreshers, prepare for lots of patching, and have a backup plan for when mistakes are made. Learn more. 

Is a Return-to-Work Scenario Inherently Dangerous? (Spoiler: NO) 

For some reason, the cybersecurity community is pretending that ransomware, phishing, and BYOD (Bring Your Own Device) policies weren’t an issue before the pandemic. Newsflash: They were (see the links). 

Furthermore, there’s no reason why your company would be better protected from cyberthreats at this point simply because your office workers are sitting in your office building. In our mobile-ready world, your employees have been accessing company data from everywhere for years, and the fact that ransomware and phishing have been growing issues for a decade make it pretty clear that WFH didn’t cause these issues. 

However… 

With that said, the return-to-work scenario does lend itself to some hiccups, simply because employees are out of practice with working in the office. To help, we have some points you should be aware of as your employees return to the workplace in person. 

3 Areas to Watch to Promote Office Network Security

As your employees return to work full time or on a hybrid work schedule, it’s a smart idea to focus on three areas to promote better data security at home and in the workplace. 

Security knowledge

It’s safe to say that security norms and habits have changed for pretty much everyone over the past year and a half. To promote better data security on your office network, it’s a good idea to require cybersecurity training refreshers for all your employees, even the most high-level ones. 

Consider including: 

• Phishing awareness training
• Process reminders, such as where and how to share data securely
• Policy reminders, such as what is okay to download to work computers… and what isn’t

Unpatched devices and software

Hopefully, you had a system in place to ensure that employee devices were consistently patched and updated over this WFH time. Patching is one of the most important things you can do to maintain your cybersecurity. 

If you didn’t have a clear system in place, or you’re unsure whether the devices entering your network are up to date, you may want to set up a quarantine network that’s segmented from the rest of your data, so you can better control your office network security. 

Consider using a quarantine network for: 

• Employee-owned devices
• Unpatched or unknown-patch-status company devices
• Devices that have lain dormant in the office since the beginning of the pandemic (they haven’t received interim security patches)

Inevitable mistakes

This is a fearful time for many of your employees. Everyone got used to working from home and now transitioning back to the office seems like a big change. Plus, there’s the Delta variant to worry about and vaccine-hesitant coworkers. (And people are driving really dangerously on their commute; way worse than usual! Have you noticed that too?) 

Our point is to please be sensitive to the fact that all these fears and worries will lead to inevitable cybersecurity mistakes by many of your returning-to-work employees. To counteract this: have a backup plan in place. 

Literally: Have a backup of your system in case you get hacked or hit with ransomware due to a small mistake or oversight. 

In addition to your backup, be transparent and kind with your employees to help them understand that mistakes are okay – as long as they learn how to do better. 

Consider sharing information such as: 

• IT department spoof phishing attacks are likely to be on the rise (this is where a hacker pretends to be the IT department to secure login credentials over email)
• Mistakes you made and how you learned from them
• Small errors that anonymous employees made that you use as weekly training refreshers (you can format these as a “Here’s what we saw. Did you see what mistake was made here?”) 

Visibility Is Critical for Your Network Security Success

Keeping a close eye on these three areas will help you maintain a better security stance now and in the future, as the Delta variant and other COVID-19 surprises continue to result in uncertainty. As we say in the cybersecurity industry: “If you can’t see it, you can’t secure it.” 

Want more tips on how to secure the office network? This article is only Part 1 of our upcoming three-part series on IT security in a return-to-work scenario. Keep a lookout for the next two articles, coming soon! 

Get Help with Your Office Network Security – Reach Out to Interplay

For 20 years, the friendly and knowledgeable Seattle managed IT services team at Interplay has helped business leaders across a range of industries get more out of their tech, stress free. Not only are we always (and we mean always) happy to offer the best managed IT services, support, and advice, we’re also the team you can trust for the best cocktail recommendations here in Seattle or in Disney World – we’re versatile! All humor aside though, we’d love to help you get your IT running smoothly and securely, around the clock.