The more things change, the more they stay the same.

Just when it looked as if we could move freely without restrictions, we might need to return to a brief quarantine — or at least our devices will need to enter a version of it.

Workers returning to the office can be a cause for celebration — but there is some reason to be cautious. While organizations must look forward, they must ensure security is at the top of their list of priorities.

Unfortunately, from a technological standpoint, some organizations may find themselves unprepared to welcome back workers. Because many organizations were laser-focused on remote work and the security implications that came with it, they may have inadvertently neglected their office security protocols.

Over the past 14 months, some companies held off their regular security upgrades or vulnerability sweeps to alleviate some of the burdens IT teams faced amid the transition. No one should be surprised that hackers have taken notice.

In fact, there is some concern hackers already infected corporate computers and are “lying in wait.” In other words, the bad actors are patiently waiting for their targets to connect to the office networks to bypass the firewall and gain access.

As the first step in the process, companies must be honest with themselves. For example, did they move away from mandating VPNs or allow their teams to use personal devices for company business? Did employees use work devices for personal reasons and download unauthorized software?

To prepare for the return to the office, companies should establish a local area network (LAN), so those returning to the office can upgrade their devices with the latest security protocols before connecting to the primary network.

This is one of those moments where companies cannot leave the answers to those questions to chance. It’s not about punishing those employees who might have violated the rules; it’s about making sure the company’s networks — and more importantly, its data and operations — remain safe.

No one wants to fall victim to a security breach, and too many small-to-medium-sized businesses (SMBs) are ill-prepared to respond. In this instance, the old adage, “the best defense is a good offense,” applies.

The best way to respond to a security event is to work to avoid it altogether.

Do you think you are asking the right questions as your team prepares to return to the office?