Securing the New Home Office Edge

An image of people working at home.

The past two years have seen unprecedented growth in the number of employees working from home. Before the pandemic, Americans spent 5% of their working time at home. By spring 2020, more than 60% the US workforce was working from home. CIOs and chief information security officers (CISOs) were thrust into a fire drill to keep their businesses running by enabling more employees to work from home. Employees now report an increase in happiness due to working more hours from home. As businesses bring employees back to the office, expectations about where work happens have changed forever. Many organizations have opted to permanently move to home-based workforces for at least part of their labor force and, consequently, they must be able to support a hybrid work environment for the foreseeable future.

With millions of employees now working from home most of the time, security leaders must protect the data, systems, and devices that sit outside the traditional enterprise network perimeter. The home office has thus become the new edge of the enterprise network. Still, many organizations continue to treat home offices like generic remote access locations - such as cafés or airports - and do not apply layered network controls that are typical in branch offices. Instead, in their rush to enable remote workers, many CISOs implemented more endpoint security controls, VPNs, and multi-factor authentication. While these approaches have generally enabled employees to stay productive, most home offices still lack critical network security controls – such as firewalls, IDS/IPS, antivirus protection, web and application filtering, and ransomware/phishing prevention - that enterprises typically mandate in their corporate offices. Neglecting these critical security controls leaves companies reliant employees to manage (or, more frequently, not manage) the security of their home network and creates significantly increased risk of network and computer security compromises.

An image showing internet attack percentages.

Not surprisingly, bad actors have taken advantage of these weakened remote security controls. Ransomware attacks jumped 150% in 2021. The average ransom demand grew 36% to $6.1 million. 83% of organizations said they experienced e-mail phishing attacks in 2021, compared with 57% in 2020.

So, what should CISOs do to improve home office edge security and better manage the risks associated with employees working from home?

Here are five best practices for securing the home office edge:

  1. Extend the network perimeter to the home: Organizations need to think of the home office as an extension of their enterprise network and secure as if it was a branch office. Relying on endpoint VPN encryption and endpoint protection alone is not enough. Extending the enterprise network to homes requires managing the home router and firewall to lock down the network and protect against threats and vulnerabilities.
  2. Centralize visibility and control: Enterprises must manage millions or even trillions of device security events and alerts each month. While visibility and security management tools within the enterprise perimeter are well developed, the home router requirements are typically not included in enterprise security standards. If you wanted to hack into a big company’s network, the easiest way to do it is to compromise the device of an employee or contractor working from home. Having the network visibility and ability to update, patch, and rotate the credentials and keys of a home router enables security leaders to greatly reduce the risk of compromise.
  3. Align the home office with enterprise network security standards: CISOs and enterprise security teams go to great lengths to define clear security policies and standards for physical security, identity and access management, incident management, endpoint security, OT cybersecurity, etc. These policies often align with cybersecurity standards. CISOs must mitigate the risks of the home office by adopting home office network security standards that align with the company’s overall network security standards.
  4. Make it simple for employees: For employees to embrace the idea of a company-managed home router, it must be easy to install and manage. Additionally, the router needs to protect work-related traffic and provide privacy for non-work-related traffic. This can be addressed by leveraging a network platform that segments the home and work network traffic. Additionally, by using a more advanced network firewall in the home, employees should not be required to constantly re-login to systems.
  5. Strive for global consistency: Managing risk requires the consistent application of security processes and procedures, whether that organization has five or 50,000 employees.
An image showing Linksys HomeWRK Secured by Fortinet.

Introducing Linksys HomeWRK | Secured by Fortinet

Linksys and Fortinet have joined forces to offer Linksys HomeWRK for Business, a home office networking solution that provides businesses of all sizes with a secure and scalable networking solution to reduce the risk of employees working from home. By embedding Fortinet Security within the Linksys Mesh Router, the joint solution provides enterprise-class security, controls, and visibility. Linksys has also developed one-touch provisioning and remote administration capabilities that simplify implementation and deployment without compromising security.

Linksys HomeWRK leverages Fortinet Security to provide a high-performance firewall, virtual private network (VPN) functionality, intrusion prevention system (IPS), application control, URL filtering, antivirus, antispam and visibility.

Security & Visibility

Network Segmentation: Support for network segmentation using multiple SSIDs on the same router to separate corporate and personal network traffic. Segmenting the traffic enables a higher level of protection for accessing corporate systems from the home.

Antivirus: Automated protection against polymorphing attack components, viruses, spyware, and other content-level threats.

Web and Application Filtering: AI-powered analytics and filtering to block web, application, video content, phishing, and ransomware for comprehensive protection and regulatory compliance.

IPS: Detection and blocking of network-level threats and network intrusions using Fortinet’s FortiGuard IPS Library with thousands of signatures and context-aware policies for full control of attack detection.

IPsec VPN: Support for IPsec virtual private networking to encrypt traffic between the router and the corporate network, ensuring the confidentiality of communications.

Manageability & Productivity

Zero-Touch Provisioning: Linksys HomeWRK devices support Zero-Touch provisioning and remote administration to simplify the employee’s user experience.

Traffic Optimization: Prioritization of traffic improves performance for bandwidth-intensive applications such as video conferencing.

Intelligent Mesh and WiFi 6: Supports Linksys Intelligent Mesh and WiFi 6 technology to deliver gigabit WiFi speeds to every corner of the home.

IPS: Detection and blocking of network-level threats and network intrusions using Fortinet’s FortiGuard IPS Library with thousands of signatures and context-aware policies for full control of attack detection.

Security Visibility: Powerful log management, analytics, and reporting that provide organizations with single-pane orchestration, automation, and response for simplified security operations, proactive identification, and remediation of risk.

Global Distribution: Linksys provides global order management, staging, and fulfillment that eliminates the need for an IT administrator to physically administer the device before shipment.

Learn more about Linksys HomeWRK and find out how we can help you secure the new home office edge.

Contact your Linksys or Fortinet sales representative or email: for details on how to try the solution.