Security risks of people working remotely

If you found this blog post interesting you might also enjoy our regular series of webinars about practical ways to improve the security of people working outside the office.

The way people access company systems has changed. Even organisations that encourage staff to work from the office still have people logging in from home in the evenings, checking systems over the weekend, or connecting while travelling.

This flexibility helps productivity, but it also brings new risks. The biggest of these risks comes from the uncontrolled network edge. This includes homes, hotels, serviced offices, or client sites. These are places where staff rely on networks and routers that have not been set up, patched, or monitored by the company.

Understanding the risks at this uncontrolled edge is the first step in closing the gap.

Why the Uncontrolled Network Edge is a Target

Attackers know that companies spend heavily on office firewalls and endpoint tools. The weaker spot is often the network edge where staff connect from home or other locations.

Home and small office routers are a common target. Many have firmware that is out of date or even abandoned by the manufacturer. Once attackers find a vulnerability, they can scan for thousands of routers online and compromise them automatically.

High-profile examples have included:

  • DrayTek routers with weak remote management ports that could be hijacked.
  • TP-Link firmware flaws that allowed attackers to take full control of the device.
  • Netgear Orbi vulnerabilities where default settings exposed sensitive services.
  • Mirai malware, which turned consumer devices into massive botnets.

These are not rare, theoretical issues. They are real vulnerabilities that have been widely exploited. If staff are connecting through one of these routers, the company systems they access can be at risk.

Why VPNs and Firewalls Are Not Enough

Many organisations assume that a VPN or a firewall solves this problem. They help, but they do not fix the risks at the uncontrolled edge.

  • VPN encrypts traffic so outsiders cannot snoop on data in transit. But it cannot stop a compromised device on the same home network from trying to move laterally once the connection is open.
  • firewall filters traffic but depends on the router it sits behind. If the router is already compromised, the firewall may never see the malicious traffic.

This is why the uncontrolled edge remains a blind spot. It sits outside the office perimeter and beyond IT’s visibility, yet it is where staff frequently connect from.

Everyday Examples of Risk

The uncontrolled edge is not abstract. It affects everyday work:

  • A solicitor accesses sensitive case files from a serviced office where the router has not had an update in years.
  • A project manager logs into dashboards from a hotel room where dozens of other guests are on the same Wi-Fi.
  • An employee pulls up data at home while their child streams games on a laptop infected with malware.
  • A consultant signs in from a client site with no visibility of how the network is secured.

In each case, the company’s systems are being reached from networks that IT cannot trust. The staff member may be doing everything right, but the environment is unsafe.

Common Misconceptions

Many people underestimate these risks because of misconceptions such as:

  • “My ISP keeps my router secure.” In reality, most internet providers ship basic routers with limited security and only occasional updates.
  • “If I have a VPN, I’m safe.” A VPN encrypts traffic but does not separate it from other devices on the same local network.
  • “It will not happen to me.” Attackers do not target individuals one by one. They use automated scans to find thousands of weak routers and exploit them at scale.

These misconceptions leave businesses exposed at the uncontrolled network edge.

How Loxada Provides a Secure On-Ramp

This is where Loxada makes the difference. Instead of relying on whatever router staff happen to be using, we provide managed routers with hardened firmware that create a separate, work-only network.

Key benefits include:

  • Separation of traffic so business activity is isolated from personal devices.
  • Automatic updates that keep routers patched without staff involvement.
  • Centralised management that gives IT teams visibility and control at the edge.
  • Simple setup with no software for staff to install — they just plug in and connect.

This creates a secure on-ramp back into company systems. Even if other devices on the home, hotel, or serviced office network are compromised, they cannot reach the business environment.

Why This Matters

The uncontrolled network edge is now a permanent part of how staff connect. Ignoring it is no longer an option. Attackers already use scanning tools and hacking-as-a-service kits to exploit weak routers and insecure local networks.

Regulators have taken notice too. Agencies such as the NSA, GCHQ, and CISA have all issued warnings about risks at the edge and advised organisations to adopt centrally managed, hardened solutions.

By using Loxada’s secure on-ramp, organisations close this gap. They protect sensitive systems, reduce compliance risks, and give staff reliable, secure access wherever they work.

The Bottom Line

Remote access is not just about VPNs or firewalls. The real risk lies at the uncontrolled network edge where staff connect from homes, hotels, serviced offices, and client sites. These environments are outside IT’s control and full of hidden vulnerabilities.

VPNs and firewalls play a role, but they cannot secure the edge. That is why Loxada provides managed routers that create a safe, separate path back into company systems.

It is a simple way to turn the uncontrolled edge into a controlled, secure environment. Staff can connect with confidence, and businesses can focus on what matters without leaving a blind spot open to attackers.

If you found this blog post interesting you might also enjoy our regular series of webinars about practical ways to improve the security of people working outside the office.