Hybrid work is no longer an experiment. As of early 2025, roughly 22.8% of the US workforce, nearly 36 million people, operates remotely or in a hybrid capacity. That figure has held between 21% and 23% for more than a year, confirming that workforce dispersal is permanent. For IT departments, the implications are profound and largely unresolved.
The problem is architectural. In a traditional office, IT controls the network from edge to edge. In the hybrid model, that control ends the moment an employee leaves the building. Everything beyond the VPN gateway, including the home router, residential ISP, and shared household bandwidth, sits outside the organizationβs administrative reach. When a client call drops or a video session freezes, IT has almost no visibility into why.
The economic stakes are significant. In 2025, 51% of businesses reported monthly losses exceeding one million dollars due to internet outages or degradations, up from 43% the previous year. One in eight organizations now reports losses above ten million dollars per month. For a workforce that values remote flexibility at up to 60,000 dollars annually in compensation equivalent, the pressure to fix the last mile is no longer optional.
Why the Last Mile Breaks
The home network is a hostile environment for enterprise-grade application delivery. Consumer routers are built for typical household use, not the concurrent demands of video conferencing, file transfers, and cloud collaboration running simultaneously. Wi-Fi signal strength dropping to 60% can reduce throughput and latency performance by as much as 80%. In dense urban areas, channel congestion from overlapping residential networks creates packet collisions and jitter that render voice and video applications unreliable.
Residential ISP connections compound the problem. Unlike corporate circuits, they do not carry low-latency guarantees and often feature asymmetric upload and download speeds. When a household is shared, as most are, competition for bandwidth intensifies. Streaming, gaming, and AI-assisted workflows all run concurrently on the same connection used for high-stakes client meetings, creating bottlenecks for extended periods, such as during school breaks or when a spouse works from home.
It is for reasons like this that Dave Wechsler, Chief Business Officer at Plume, describes the scale of the challenge bluntly:
βThe last hundred feet is where enterprise IT falls off a cliff. Corporate tools stop at the VPN, and after that itβs a black box. The reality is the last mile now lives in someoneβs living room.β
Going on, Wechsler states how βKids are pulling more bandwidth than their parents, five devices are competing, and now weβre seeing a 300% jump in time spent on LLMs across Plumeβs global network. Most home networks were not built for that.β
The result for IT teams is a reactive support posture built on guesswork. When a user reports a dropped call or frozen screen, the standard response is to ask them to restart the router and check their connection speed. Without telemetry from the home environment, there is no way to establish whether the fault sits with the device, the home Wi-Fi, the residential ISP, or somewhere further upstream. This is where the ISP blame game takes hold. The user blames the connection, IT says the server is fine, and the ISP reports no incidents. Nobody can prove anything, and the problem recurs.
Prakash Mana, CEO at Cloudbrink, argues the root cause is conceptual: βIT teams are struggling with home and public networks because remote access has historically been treated as a security problem, not an end-to-end experience problem.β Thatβs where part of the problem lies.
βTraditional VPN and many ZTNA services can authenticate the user and encrypt the session, but they often have little ability to measure, manage, or improve the last mile.β
Even small levels of packet loss can have a significant impact on video meetings, file transfers, SaaS applications, and real-time collaboration.
Turning Visibility into Evidence
Digital Experience Monitoring platforms represent the most direct answer to this visibility gap. Rather than monitoring from the server side, DEM tools deploy lightweight endpoint agents onto employee devices and collect telemetry outward from the user. Local device CPU load, memory consumption, Wi-Fi signal quality, packet loss, and latency are all captured in real time. For the first time, IT has a working view of the home environment without physically accessing it.
Nexthink combines technical endpoint metrics with on-device employee sentiment surveys to account for the human element alongside raw performance data. ControlUp goes further, allowing IT to run scripts remotely on devices to clear storage, restart services, or adjust configurations without requiring any action from the employee.
Cisco ThousandEyes approaches this from the network outward. Its endpoint agents map the complete Layer 3 traffic path between a userβs device and a target application, hop by hop. Each node is measured for latency and packet loss. If the first hop, the home gateway, shows elevated latency, the fault is internal. If the delay appears at the ISP gateway transition, it points to provider-side congestion. If it surfaces at an internet exchange point, it signals a routing or transit problem between carriers. The data is specific enough to identify the responsible interface within a carrierβs network. IT can generate a shareable performance snapshot and send it directly to the ISPβs network operations center, bypassing tier-one support entirely.
Wechsler points to the scale of adaptation still required, even with better tooling: βISPs and the systems behind them need to learn how people actually use their networks, track quality of outcome, and adjust in real time. Itβs not Claude or Zoom. Itβs both, at the same time, and both matter for your job.β Static monitoring thresholds calibrated for pre-2023 usage patterns are no longer sufficient. As AI-augmented workloads sit alongside voice and video, the tools measuring them must keep pace.
But beyond upgrading existing tools, the harder question is whether organizations are permitted to use them.
Visibility Without Surveillance
Deploying monitoring agents in a home environment raises legitimate concerns. Employees are understandably cautious about software that could capture personal browsing activity, household network names, or device behavior outside working hours. The legal landscape reflects this tension and varies significantly by jurisdiction.
In the US, employer monitoring on company-owned devices is broadly permitted under federal law, but state legislation is tightening. New York mandates written notice at hire. Californiaβs CPRA requires employers to disclose what data is collected and why, with collection justified as proportionate to a legitimate business interest. In the European Union, GDPR sets a stricter standard. Monitoring must be lawful, transparent, and proportionate. Data collected for IT troubleshooting cannot be repurposed for HR or disciplinary actions unless that purpose was explicitly disclosed from the outset.
Modern DEM platforms have introduced technical safeguards to meet these requirements. ThousandEyes Endpoint Agents can be configured to collect data only for approved, work-related domains. Personal browsing generates no telemetry unless the employee manually opts into a troubleshooting session. Deterministic anonymization replaces identifiers such as usernames and network names with consistent numeric IDs, allowing IT to correlate performance data over time without identifying the individual behind it. Role-based access controls determine who can de-anonymize a record, limiting that capability to senior administrators working on active support cases.
With configurations that make this monitoring software permissible, David Matalon, CEO and Co-Founder at Venn, argues the framing itself needs to change:
βWhen organizations try to extend visibility into an employeeβs home network or personal device, it creates immediate friction.β
According to Matalon, this is because βEmployees feel like theyβre being watched in their own environment, which erodes trust and impacts how they work. The more effective approach is to shift from broad monitoring to targeted protection. Organizations that focus on securing the work itself are creating a dedicated, policy-controlled environment for business applications and data. Within that environment, IT has the visibility and control it needs. Outside of it, employees retain their privacy.β
That balance is becoming a competitive consideration as much as a compliance one. Organizations that embed trust into their monitoring approach will find it easier to deploy the tools they need, sustain employee buy-in, and build genuine resilience into the hybrid model. Matalonβs conclusion points to where this is heading: βAs flexible and distributed workforces continue to grow, organizations that prioritize privacy alongside security will be better positioned to attract top talent, maintain trust, and increase productivity.β The last mile is no longer just a network problem. It is a people problem, and solving it properly requires both.
