Hybrid working did not just change where people work. It changed how enterprise security needs to be designed, managed and proven.
In yesterday's Business Post, Niall Hughes, Head of Architecture Services at Triangle, explored a reality many enterprise teams are now living with every day: hybrid working is no longer a temporary adjustment; it is part of the operating model.
That matters because the security assumptions that supported office-centric environments no longer hold. The headline figures explain why. Across the EU, remote working has become the dominant pattern, with 77% in the Netherlands, 72% in Ireland and 70% in Finland.
That shift has obvious benefits. It supports flexibility, access to talent and continuity of operations. But it also expands the attack surface. Three quarters of security breaches in 2024 came from human action, whether that was a mistake, a successful social engineering attempt or deliberate misuse.
The challenge for enterprise IT is no longer simply enabling hybrid work. It is enabling it in a way that is secure, resilient and manageable over time.
Hybrid work changed the operating model
For years, many organisations built security around a relatively stable environment. Users were office-based. Devices were easier to control. Access paths were more predictable. That created a model where trust was often implicit once someone was inside the network.
Hybrid working disrupted that model.
Now, employees move between home, office and other locations, often on different device types and with different risk profiles. The perimeter is no longer a fixed boundary around a building or a data centre. It moves with the user.
Applications are accessed across on-premises, cloud and SaaS environments. Identity, device posture, network quality and user behaviour all matter more than they did before. Security has become less about defending a fixed edge and more about continuously validating access across a distributed environment.
This is why hybrid work should be treated as an infrastructure and architecture issue, not just a workplace policy issue. If the underlying environment is fragmented, poorly governed or difficult to recover, flexibility quickly becomes exposure.
Verification has to replace trust
A more effective baseline is zero trust. That does not mean adding friction for the sake of it. It means removing assumptions. Access should be granted on the basis of verified identity, device state, context and least-privilege access, rather than on location alone. In practice, that means tighter identity controls, stronger authentication, better segmentation and more consistent policy enforcement.
It also means taking the basics seriously.
In hybrid environments, patching discipline, privileged access control, endpoint management and lateral movement containment are still some of the most important controls available. These are not glamorous measures, but they remain fundamental. Sophisticated platforms cannot compensate for poor operational hygiene.
The point is not to create a heavier environment. It is to create a more dependable one.
Security should not get in the user’s way
One of the biggest mistakes organisations make is treating security and usability as competing priorities. In reality, secure modern working depends on both.
Users still need fast, reliable access to applications and data. If the experience is clumsy, inconsistent or overly restrictive, workarounds appear. That creates new risk.
The better approach is to make security part of the design of the environment itself.
This is where Virtual Desktop Infrastructure (VDI) can play an important role. When designed well, it allows organisations to centralise control, standardise access and deliver a more consistent user experience across locations. The user gets the same dependable workspace whether they are in the office, at home or operating remotely. The organisation retains more control over how access is delivered and how data is protected.
Recovery is no longer a separate conversation
Hybrid working has also changed the recovery question. It is no longer enough to ask whether users can connect securely in normal conditions. Organisations now also need to ask what happens if a breach succeeds, a core service is disrupted or trust in the production environment is lost.
That is why recovery can no longer sit in a separate conversation from security.
A resilient hybrid-work strategy should assume that incidents will happen and prepare for them accordingly. That means recovery plans that are tested, isolated data that can be trusted, and processes that allow critical services to be restored without bringing risk back into the environment.
This is where cyber recovery becomes relevant to modern working, not as a separate discipline, but as a supporting one. The organisations that respond best are those that treat protection, continuity and recovery as part of the same design problem.
Managed services keep the model effective over time
Secure modern working is not something you “finish”. Threats change. Platforms evolve. User patterns shift. New tools are introduced. New dependencies appear. What was well-designed a year ago can become fragile if it is not actively maintained.
That is why operational discipline matters as much as architecture.
A managed service model helps keep the environment current, monitored and aligned with changing needs. It turns security from a one-off deployment into an ongoing operating practice. It also makes room for structured improvement, whether that means refining access controls, updating desktop strategy, tightening recovery processes or responding to new risks introduced by AI and automation.
Secure modern working needs stronger foundations
Hybrid work is now part of enterprise reality. The question is no longer whether to support it. The question is how to support it without weakening security or user experience, increasing operational fragility or making recovery harder.
That requires a shift in mindset. Verification has to replace trust. Recovery has to sit alongside prevention. User experience has to be protected as carefully as data. And the infrastructure underneath it all has to be designed, managed and tested for change.
If those are the new defaults, the question is whether your infrastructure has caught up with them.
-----------------
Read the full interview with Niall Hughes in the Business Post here.
Explore further:
