Enforcing Zero Trust in a Hybrid Work Environment

Enforcing Zero Trust in a Hybrid Work Environment

  • By Bart Vansevenant
  • Feb 07, 2023

The effects of the pandemic have rippled across the business world like a meteor hitting a pond, creating a new plethora of challenges that incorporated into MBA curriculum for years to come. One of the many unforeseen challenges that has emerged for large organizations implementing return to work initiatives is the emergence (and widespread acceptance) of the hybrid workforce model.

As a new “perk” cherished by most employees and despised by most employers, it appears that the hybrid workforce model is here to stay, despite efforts by some organizations to end this practice. The reality is that most organizations will continue to maintain some semblance of a hybrid workforce model for the near future to help attract and retain top tier talent.

Hybrid Work Highlights the Need for Zero Trust
Hybrid work is just one example of how the security landscape has changed in recent years in ways that demand new security and assurance solutions. Other examples include the sharp increase in international commercial competition – particularly with the use of state-sponsored organizations to support that competition, the rise of Hacking as a Service and Ransomware as a Service, and new applications of AI to support Social Engineering and even fake interviews, to name a few.

All of these changes present significant challenges for organizations relative to physical and logical security, workforce management, facility planning and management, and of course, health safety. Consider the challenges from hybrid work arrangements alone – which can result in employees, contracted workers, customers, and visitors frequenting facilities at all hours of the day, and possibly every day of the week. In such circumstances, it becomes significantly more difficult for organizations, and their security teams, to maintain physical control of the workplace. Moreover, without complete physical control, other risks rise exponentially – from safety to cybersecurity.

It is essential for organizations to maintain physical control as just the first vital step to manage overall risks and the operation of business processes. The consensus in the security industry is quickly moving toward the application of a new set of physical security policies built on zero trust.

Implementing Zero Trust for Today’s Workforce
What do physical security policies built on zero trust look like? The simple answer is that no identity, physical or logical access or IP device/endpoint is to be trusted by default. Instead, every entity – no matter if they are inside or outside the organization’s network – must have strong authorization, be authenticated, and be continuously validated before being granted any access to physical or network assets. In zero trust environments, having access in the past is not enough to warrant access now.

Creating a zero-trust hybrid workforce model enables organizations to protect the integrity, security and safety of an organization. By combining data, this is accomplished from relevant systems such as HR, facilities and workforce planning software into a Physical Identity and Access Management (PIAM) platform. Based on policies you set in the PIAM platform, it will in turn set and revoke access for employees, contractors and visitors on an as needed basis.

Here is an example of how an implementation would work: In the past, an access card might be all that was needed to enter a facility through an employee entrance. In a zero trust environment, the access system would be integrated with other relevant systems to confirm, for example, that the person requesting access was in fact that person, was still employed, had the authority to enter at that time and place, had the required training or certifications to enter, and possibly was confirmed to be wearing the required PPE.

To confirm those answers, the access control system would require confirmation from, perhaps, the HR staffing system, training records, management approvals, and biometric confirmation systems. Such integrations are not only possible today, but are quickly becoming much more common.

Taking Zero Trust to the Next Level
For higher-security environments or locations with a greater proportion of workers that may not know each other well, it is now possible to go one big step further. In these situations, teams can complement the zero trust PIAM platform with the addition of security wearables to automate the validation of security permissions and safety requirements for everyone present.

Security wearables are a new, powerful idea that are really getting traction. Leading providers offer compact badge holders that are equipped with wireless communication capabilities as well as LED-powered status displays. Because these devices can link to local wireless access points, they not only know the identity of the badge, but they also know where in the facility the person is presently located.

This combination lets the device display an easy-to-see “green” validation status that the person represented by that badge is authorized to be in that area at that time, and has the required safety and/or regulatory certifications. If the person goes into an area where any one of those factors is not sufficient, then the visible validation status changes to ‘red’ and it is easy for anyone present to know that there is an issue. This is especially valuable when hybrid workforce arrangements make it harder for workers to know who should be on site, and who should not.

Zero Trust: The Right Approach
In today’s hybrid-workforce environment, organizations can greatly improve their safety, security, and regulatory postures by implementing zero trust solutions. Integrating zero-trust systems with leading security wearables is becoming the newest best practice to manage the emerging physical security challenges of hybrid workforces.

Featured

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

  • Pragmatism, Productivity, and the Push for Accountability in 2025-2026

    Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now

Most   Popular

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.