With Prime Minister Narendra Modi’s fresh calls to revive work from home, companies now face a very different landscape, more sophisticated cyber threats, stricter data regulations, and widespread use of cloud and AI tools. Managing a mix of in-office and remote employees introduces new technical and operational challenges, from access control to device management and collaboration gaps.
According to SentinelOne, an American cybersecurity company, the major cybersecurity threats associated with remote working are insecure Wi-Fi Networks, Shadow IT, unsecured home networks, poor endpoint protection, absence of encryption, exploiting collaboration tools and no real-time security monitoring.
A report by DTEX System’s Insider Risk Index Research team reveals that cybersecurity threats increased 58 per cent since remote work adoption, with 83 per cent of companies experiencing at least one attack in 2024, and remote workers are three times more likely to accidentally expose data than office employees, costing an average of $17.4 million annually per organisation.
The report highlights that about 67 per cent of Fortune 1,000 employees use unauthorised apps, with an average company having 975 unknown cloud services versus 108 tracked ones. And 48 per cent of organisations suffered data breaches from personal devices, despite 95 per cent allowing their use for work.
Home networks are identified as the weakest link, with 50 per cent of IoT devices having critical vulnerabilities, and routers now represent over 50 per cent of the most exploitable devices.
In this context, ETHRWorld reached out to industry leaders to understand the technology and security risks that have emerged since the pandemic in managing a distributed workforce and to assess how well-equipped companies are to combat potential vulnerabilities.
AI has changed the equation on both sides
David B Cross, Chief Information Security Officer, Atlassian, says that the threat landscape for distributed work today is fundamentally different from the pandemic era. In his view, the question for Indian enterprises is not whether they can fully go remote. It is whether they have built and operate the infrastructure that makes it safe by default.
The three shifts that stand out are:
- First, identity has become the primary attack surface. With a distributed workforce, the traditional network perimeter disappears. Credential theft, session hijacking and sophisticated phishing now account for the majority of enterprise breaches, and Virtual Private Networks (VPNs) with basic Multi-Factor Authentication (MFA) are no longer sufficient.
- Second, AI has changed the equation on both sides. Threat actors use generative AI for more convincing phishing, deepfake social engineering and automated reconnaissance. Enterprises that have invested in AI-driven detection and response are pulling ahead of those that have not. But AI introduces its own risk: it does not create new access problems; it exposes the data hygiene failures already there. When an AI tool can see everything an employee can see, oversharing becomes a bigger threat than unauthorized access.
- Third, AI agents are creating a new class of non-human identity. These agents reason, act and access systems autonomously. Within three years, most enterprises will have more AI agents than human employees. Existing identity frameworks, both human and service accounts, do not apply cleanly. Organisations need a governance model for monitoring, logging and blocking agent activity. This is the next identity crisis for security teams, and it is arriving faster than most are preparing for.
According to David, some companies have made real progress. While many others are more exposed than they think. “Companies that invested in cloud-native security after the pandemic are materially better positioned. They have moved to Zero Trust models, centralised identity management, and data loss prevention across their SaaS environments and built security operations that do not depend on employees being on a corporate network. For these organisations, remote work is operationally straightforward because the architecture was designed for it,” he says.David further says, “There is a new dimension that did not exist during the first remote wave: AI-driven data leakage. AI tools that ingest company data without proper classification and access controls create leakage vectors that traditional Data Loss Prevention tool (DLP) was not designed to catch. The organisations getting this right started with identity and data governance, not by bolting on AI security products after deployment.”
He adds, “The organisations that navigate this well share a common trait; “they treat security as a design principle, not as a bolt-on”. At Atlassian, we have operated as a distributed workforce for years, and our approach has always been that security and flexibility are not competing priorities. Zero Trust, continuous monitoring, unified visibility and strong data governance are the foundations that make remote work a secure operating model, not a risk to be managed.”
Compliance in a remote setup cannot be treated as a one-time solution
While remote and hybrid work models provide flexibility and support employee productivity, Gaurav Sharma, CHRO, True Balance, says, “Companies are now required to navigate a far more complex digital ecosystem shaped by cloud-based operations, AI adoption, stringent data governance requirements and evolving cybersecurity threats. Companies are increasingly facing sophisticated cyber threats, including phishing attacks, credential theft, ransomware and AI-enabled fraud attempts.”
“The use of unsecured home networks, personal devices and unauthorised AI tools can also create risks around sensitive organisational data exposure. Alongside this, businesses must address operational challenges such as collaboration gaps, employee burnout, workplace culture and consistency in hybrid work setups,” Sharma points out.
According to Sharma, True Balance ensures that all its employees, irrespective of location, get access to the tools and resources required to carry out their responsibilities effectively. “Our IT security governance framework ensures strict access controls and protection against cyber threats. The focus today is not just on enabling remote access, but on building secure, collaborative and accountable work environments regardless of location. This requires stronger access controls, robust device management frameworks, employee awareness around cybersecurity, and seamless collaboration systems,” he says.
“Overall, companies today are certainly better equipped than they were during the initial pandemic phase. However, with technology evolving rapidly and cyber threats becoming more advanced, data security and compliance in a remote setup cannot be treated as a one-time solution. It requires continuous investment, employee awareness and agile risk management strategies to build a resilient workforce,” Sharma adds.
True Balance looks at its security model not as a temporary patch, but as a core operational shift. The governance framework makes sure that the protection is maintained across all locations. The firm follows a least privilege access model, which means employees can only access the specific data and systems required for their role. This reduces the internal attack surface considerably.
The company does not rely on individual home networks for data protection. Instead, the firm has put in place secure, centralised network systems that route all employee traffic through protected infrastructure, regardless of where they are working from. This means that whether a team member is based in a metro city or a tier-2 town, the same compliance standards and threat protection measures apply without exception.
The present setup is built on cloud infrastructure, automated device management and ongoing verification. Every device, whether a company laptop or a secure virtual desktop, is checked for compliance before it is allowed to access company resources.
“Today, with SaaS platforms, cloud tools and unsanctioned AI applications in widespread use, the boundaries of corporate security have expanded exponentially. We use threat detection tools that spot unusual data activity, credential problems, or the use of unapproved applications as they happen. All work-related traffic is routed through secure, encrypted gateways, which gives us a single, central view of our data. This allows our IT team to catch potential cyber threats and phishing attempts at the network level,” Sharma says.
Growing overlap between productivity technologies and security vulnerabilities
Krupa NS, CHRO, Xoriant, says the larger question is no longer whether organisations can operate remotely, but whether they have built the maturity, infrastructure and culture required to do so sustainably. For organisations that have invested in these capabilities, remote or hybrid work is not disruptive; it becomes an extension of how the business already functions.
“Xoriant has over 5,000 employees across 28 offices in India, the US and Europe, and distributed collaboration has never been unfamiliar to us. As an AI-native organisation, we also recognise that the rapid adoption of emerging technologies must be balanced with equally strong accountability frameworks. This is where continuous learning becomes critical. Employee training today is not limited to technical upskilling alone. It includes cybersecurity awareness, compliance readiness, responsible AI usage and reinforcing the importance of data integrity in everyday decision-making,” she says.
Krupa points out that the biggest shifts have been the growing overlap between productivity technologies and security vulnerabilities. “AI-enabled tools, while improving efficiency, have also introduced new concerns around data leakage, unauthorised sharing of sensitive information, algorithmic misuse and governance gaps. Employees today interact with multiple platforms simultaneously, often across personal and professional environments, which increases exposure if guardrails are not clearly defined,” she says.
“Cyber threats themselves have also become more advanced. Phishing attacks, identity compromise, ransomware, deepfake-enabled fraud and social engineering attempts are now more targeted in remote work environments where human verification layers are reduced. This is why organisations can no longer treat cybersecurity as a standalone IT responsibility. It has become a business-wide behavioural and cultural priority,” she adds.
Krupa believes that compared to the early pandemic phase, organisations today are certainly far more prepared from both a technology and governance standpoint. “Our operating model has been built around global delivery, cross-border teams and technology-enabled collaboration for years. As an AI-native, innovation-first organisation, we have consciously invested in secure digital infrastructure, governance-led delivery models, capability building and employee readiness to ensure flexibility does not compromise governance or performance,” she says.
Krupa highlights that the ideal approach should be to embed security, compliance and responsible AI usage into the operating fabric of the organisation rather than viewing them as reactive controls. In distributed environments, resilience depends as much on employee awareness as it does on technology infrastructure. Organisations that build both simultaneously are far better positioned to navigate emerging risks.
Equally important is culture
According to Krupa, equally important is culture. Remote work succeeds when organisations create clarity around expectations, communication and outcomes. For example, employee training today must go beyond technical capability to include responsible technology usage, cybersecurity awareness and digital collaboration etiquette. “I do not think India will move back to fully remote work at scale in the same way it did during the pandemic. What we are more likely to see is a sharper evolution toward flexible and hybrid models, where organisations balance productivity, innovation, employee wellbeing and security considerations more thoughtfully. Ultimately, sustainable remote work is not a location strategy — it is an organisational capability,” she says.
