Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Ask The Experts

6/7/2021
10:00 AM
John Bock
John Bock
Ask the Experts
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

How Can I Test the Security of My Home-Office Employees' Routers?

From the most accurate to the most practical, here are a few ways to ensure both employees and organizations are protected from risk.

(Image: Oleksandr Delyk via Adobe Stock)
(Image: Oleksandr Delyk via Adobe Stock)

Question: How can I test the security of my home-office employees' routers?

John Bock, senior research scientist, Optiv: This can be a challenging question because it depends on your user population and how creative your legal department wants to be. The technical answer is that enterprise vulnerability management products are capable of scanning home office routers, but before doing so you would have to account for several things — namely, some language employees could agree to stating they own their IP addresses to be scanned. They would need to give the organization permission to scan their routers and potentially cause disruptions. 

This would provide the most accurate results and integrated visibility into the organization's overall risk, especially if we're now treating the home office as an extension of the enterprise environment. But there are some dependencies in relying on employees to correctly supply their home router IP addresses. There are also potential downsides in terms of privacy issues and mishaps, like scanning an address by mistake. No matter what, the entire effort would have to start with the legal department. 

If that approach isn't practical, then you are left with what can be done with a typical user base that ranges across tech skill levels, including individuals who may have never logged into the management interface of their home routers. Starting with the most basic procedure, you can have users check to see whether their IP addresses are showing up in public databases. A quick way to do that would be: 

Now, most home users will have nonstatic addresses from their providers, but it's still worth knowing whether the addresses they are coming from is a problem. If you can ask employees to log in to their routers, then the highest priorities are having them update the firmware and validate their firewalls are enabled.

For technical users, this won't be a big deal, but it may be asking a lot for some of your user population. There's no simple way to handle this, but you can facilitate the process by offering links to vendor documentation on the specific actions you want a user to take and by making the help desk available for support. While the support team may not enjoy the increased load, it is worth the one-time resource hit in order to enable automatic updates along with ensuring basic protections are in place. 

John Bock is senior research scientist at Optiv. Prior to this role, John was vice president of threat research, and before that he was the leader of Optiv's application security practice, which provided application pen testing and other software security services. With more ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
martin-smith
50%
50%
martin-smith,
User Rank: Apprentice
6/8/2021 | 10:58:42 AM
Focus for home workers security
We've come across this issue with Cyber Essentials certification in the UK. Due to the onerous nature of detecting and managing various flavours of ISP router and their security, focus has switched to endpoint protection.

Running a managed firewall configuration (through Group Policy or via an AV product policy) along with agent based detection of potential vulnerabilities on the endpoint, moves the control to the devices themselves.

We are effectively treating the home devices as outside of our control. and treating the home network the same as any other public wifi access. We dont trust it, so we protect from it!
Cartoon Caption Winner: Magic May
Flash Poll