In early 2020, businesses around the world scrambled to enable remote work almost overnight. Security was, understandably, often an afterthought—the priority was simply keeping operations running. Six years later, remote and hybrid work have become permanent fixtures for many organizations. But the security landscape has evolved significantly, and the "temporary" solutions from 2020 have become long-term vulnerabilities.
The 2020 Scramble: What Happened
When lockdowns began, businesses made rapid decisions:
- Personal devices were pressed into service for work
- VPNs were deployed hastily, often without proper configuration
- Cloud adoption accelerated dramatically
- Security policies were relaxed "temporarily"
- Home networks became corporate network extensions
These decisions were necessary given the circumstances. But many of those temporary measures never got revisited.
How the Threat Landscape Evolved
Attackers Followed the Workers
Cybercriminals quickly recognized that remote workers represented new opportunities. The attack surface expanded from a controlled office environment to thousands of home offices, each with its own vulnerabilities.
Phishing campaigns pivoted to exploit pandemic-related anxieties. Business email compromise schemes took advantage of disrupted communication patterns. Ransomware operators recognized that organizations might be more willing to pay when their distributed workforce couldn't simply "come into the office" to work around the problem.
We covered some early observations in our piece on staying safe while working remotely.
The Home Network Problem
Corporate networks typically have security controls—firewalls, intrusion detection, network segmentation. Home networks generally have none of these. Consumer routers, smart home devices, and family members' computers share the same network as work laptops.
This created what security professionals call an "expanded attack surface." A vulnerable smart thermostat or an infected gaming computer could potentially provide a pathway to corporate data.
Related concerns are explored in our article on home network security.
Shadow IT Proliferation
Remote work accelerated the adoption of unauthorized tools and services. When employees couldn't easily get IT support, they found their own solutions—file sharing services, communication tools, productivity apps. Each of these represented a potential data leakage point.
What's Different in 2026
Hybrid Has Become Normal
Remote work is no longer an emergency measure—it's a standard operating model. This has allowed organizations to move past reactive solutions toward more deliberate approaches. But it has also meant that attackers have had years to refine their tactics.
Zero Trust Architecture
The concept of "zero trust"—assuming no user or device should be automatically trusted—has moved from security industry buzzword to practical implementation. Instead of treating the corporate network as a trusted perimeter, modern approaches verify every access request regardless of where it originates.
We introduced zero trust concepts in our article on understanding zero trust.
Identity Has Become the Perimeter
When workers can be anywhere, traditional network perimeters become less meaningful. Instead, identity—who you are, what you're authorized to access, and whether your current behavior matches expected patterns—has become the primary security control.
This shift has elevated the importance of strong authentication. Multi-factor authentication, once considered optional for many businesses, has become essential. We discussed MFA fundamentals in our piece on multi-factor authentication.
Cloud Security Maturation
The hasty cloud migrations of 2020 created numerous misconfigurations and security gaps. Over the past six years, both cloud providers and their customers have developed more mature security practices. But legacy misconfigurations from the initial scramble often persist.
Persistent Challenges
Despite progress, several challenges remain:
Personal Device Security
Many organizations still allow work on personal devices without adequate controls. The boundary between personal and professional has blurred, creating ongoing security questions.
We explored some of these considerations in our article on using personal devices for work.
Security Fatigue
Six years of security warnings, mandatory training, and authentication requirements have contributed to security fatigue. Employees, overwhelmed by security demands, may take shortcuts or ignore warnings.
Visibility Gaps
IT and security teams often have limited visibility into what's happening on home networks and personal devices. This makes detecting compromises more difficult and slows incident response.
Policy Inconsistency
Many organizations' security policies still reflect pre-pandemic assumptions. Policies written for office-based work may not adequately address the realities of permanent remote operations.
The Human Element
Perhaps the most significant security challenge in remote work remains human. Employees working from home face:
- More distractions and potential for mistakes
- Less immediate access to IT support
- Blurred boundaries between work and personal activities
- Different social dynamics that make some attacks more effective
We discussed the importance of human factors in our article on employee education in preventing attacks.
Looking Forward
The remote work security landscape will continue to evolve. Emerging technologies like AI-powered security tools and advanced authentication methods will change the equation. But so will increasingly sophisticated attack techniques.
For businesses, the key insight is that the security approaches of 2020—the "temporary" solutions—are no longer adequate. Remote work is permanent for many organizations. Security strategies need to reflect that reality.
Questions for Business Leaders
- Have your security policies been updated to reflect hybrid work as a permanent model?
- Do you have visibility into how company data is accessed from remote locations?
- What assumptions from 2020 are still baked into your security approach?
- How would you know if a remote employee's home environment was compromised?
These questions don't have universal answers—every organization's situation is different. But asking them is a starting point for honest assessment.
This article is intended for informational purposes only and does not constitute professional security advice. Organizations should consult with qualified cybersecurity professionals to assess their specific situation.