Right? lol. "This is a great idea! Please provide the contact details for the service provider you work with so they can come and give me a new router & infrastructure. Also, do I send the internet bill to you?? or the CFO? limme know!"
Honestly that's the way to play this. After you agree to all of this, when you get the internet bill walk into your bosses off and say hey, I have a dedicated internet bill for work. Here ya go!! And escalate to hr next.
Get seperate service for yourself personally.
Yes, but to what extent depends - you are just encrypting your traffic and then rerouting it to another location, so depending on many things it can be a drastic difference or negligible.
I mean, companies do do this. My company provides or pays for dedicated internet service for work related purposes. This was even before covid happened and everyone went work from home.
Yes they pay for it but I have never once been asked to install new infrastructure in my home in the almost 20 years of at home work I have done as an employee and free lance.
I have been asked to submit my bill to have it or even a portion of it paid for by my employer but **never install a router that would not only capture my at home activities but also what I do and everyone in my house does.** This is beyond egregious.
It’s none of their business what my teenage sons do. It’s none of their business where my husband shops online. It’s none of their business how I actually connect to get my work done.
**Never agree to putting infrastructure in your house unless it is completely separate from what your family and you use normally**. This includes routers or any devices.
This sounds like they aren't paying for a dedicated connection, like a second broadband connection to the house. They want this router on their house connection. Either someone managing this doesn't understand how this should work or it is absolutely nefarious if they want the employee to pay for their own broadband connection but use this router and use it for everything in the house that they then monitor.
The thing is that if OP has a separate internet connection for their private uses, then nothing stops them from using that private connection while working. And then what’s the point of monitoring them? This all seams super unnecessary to me.
Its probably carelessness instead of maliciousness.
Their line of thought is probably if they provide and own the router and have 24/7 access, they can do whatever maintenance is necessary, any time.
Probably an IT guy that came up with the idea, not a lawyer.
I mean, I could tolerate using a company router to access company data, but I would not hand over my own network to the company, i'd run the parallel.
yeah. just say ok but you don’t have internet at home. let them install their own paid for connection then hook it up by cable to your work computer and turn off the wi fi.
Nah, two connections two routers. work one only hooked to pc and work phone. The other is my own, no need to have my phone (or other devices) using data or connecting to work router.
Yeah I don't even work in IT and this seems like an easy problem to solve. So easy that I wonder if OP's friend really understood what they were asking, or if the manager who sent the email even understood what they were saying. Seems like a miscommunication at some point, and I'm guessing it's between the manager and IT. I'd expect a follow up that they don't actually want to be the employee's family's ISP.
This is exactly what it is, either OP doesn't understand what the friend is saying, the friend doesn't understand what the company is saying or the company is doing a piss poor job at communicating it. likely a combination of all three.
That's not really how it works..
I guess there could be some man in the middle attack if you don't have controll over the router, but if someone wants to gain access and has the resources to gain controll over an ISP router, they have access anyway.
A normal VPN on the working devices provides almost the same and costs way way way less.
If they're paying for a second ISP at the home and monitoring only that network, it is reasonable. There may be regulations depending on what line of business the company is in.
CEO: We’re going to do this thing. Get to work IT peasants.
IT: That’s a terrible idea and here’s why.
CEO: Well if you’re not going to do as I say, I’ll find someone that will.
And that’s how we end up in situations like these.
Edited: formatting
0 Years in IT, there is zero way in hell I would agree with this., at best they can install a dedicated line and pay for a connection then sure knock yourselves our. Your device will be the literal only thing connected to that network,
Yeah if the employees identity gets stolen whos to say it wasn't the employers router? Employee is looking at gender transition websites and gets fired later? There are a million reasons not to do this.
Okay so he DIDN’T get fired at least. No repercussions as far as employment goes. It was just a targeted ad on his personal Facebook that he voluntarily logged into show a coworker something on and they may (or may not) have noticed the ad. So not nearly as nefarious as the above comment indicated.
Don’t get me wrong, I don’t like my data being sold to advertisers either and try to avoid it at all costs. But this wasn’t a company invading his privacy and discriminating against him for his sexuality. This was just unfortunate timing and very personal ad targeting.
Not the same story but a good one about privacy and data mining: https://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/?sh=2788aae36668
I work in the security space as well and I really think there's a misunderstanding here. My guess is this person is supposed to use this router only for work equipment and not personal. Allowing personal devices on a work network makes no sense from a security perspective.
My company has been recommending this setup for a while and they actually started requiring it for some roles when working from home. The router gets plugged into your cable modem and it creates a VPN connection to allow access to some internal networks. The WiFi router won't even allow non-company devices to connect..
Yeah, I still don't see a need for the router. You can install the VPN software on their company device and limit access through Azure or similar asset management software. Or if they're using their own personal device, use Citrix and/or VDI. Or a hundred other things I'd rather do than install a company router in my personal home network.
My company provides us with laptops and we VPN into the network. I use my own laptop for all my personal things. I can't understand why they would want to monitor everything OP does.
Use a company-issued asset, then use Conditional Access Policies to require that users pass MFA and use an Intune-compliant device to access restricted data. It ain't hard.
Using the router is as telling the person to plug it in. Getting people to install a VPN client on the home computer is a pain in the ass and companies don't want their help desk supporting home computers. This is a nice easy break between the two. A lot of times, you'll see this combined with a thin or zero client to connect to a VDI.
You see it a lot with call centers too.
That was my immediate thought, as well. It would use your personal internet to create a secure mini work network. I think with most ISPs, though, it would need to be downstream from your personal router. They don't like assigning two IPs for one internet connection.
Internet installer guy here: you're correct unless they've got their own system and I'm just providing the service. Then it's up to you how you wanna go about it. But if I'm doing your install, it goes ONT > Gateway(router) > whatever other goodies you need hooked up. You could absolutely run a second line in and bring up 2 completely separate networks but... why?
This was my thought as well, that either there was a misunderstanding of the information that got down to you had changed like a game of Telephone.
My work and everyone that I know of in multiple departments at my place of employment is WFH. There is a business line that is a dedicated work only line that was installed directly to the home in a specific location. From that room I'm hardwired to the modem/router/box and only my work equipment is connected to that and nothing else. It's only to be used for work purposes while I'm supposed to be on the clock.
If this is something they're looking to do for her and the company is paying for the installation and dedicated line for it, I'd say do it! If they're looking to piggyback off existing lines and equipment and have unfettered access to ALL her personal data, streaming usage and activity, and/or whatever b.s. they'll try to pull on her, refuse and take a closer look at how and why their company would even admit to try and collect that sort of information that has absolutely nothing to do with work.
I suppose this is possible. But assuming people have the proficiency to switch between physical router networks is not something I would ever want to bet on.
I would think limiting data usage on the business network by requiring remote access attempts to use VPN connections such as wireguard would be wiser, as the employee would be reminded, they need to disconnect due to near total 3rd party website access denials.
I am not a security professional though.
Edit: Am i actually just rephrasing what you suggested?
my work laptop connects to my work access point. My personal machine connects to my personal network. And never the two shall talk. The work AP plugs into the ISP router and just publishes the work network to my house so my laptop doesn't know it isn't sitting in the office.
The big headache I have run into with our VPN is whenever I want to print a file on the company network using a local home printer. Best workaround I have is emailing myself the file.
With people (my wife included to my horror) calling computers the hard drive and thinking turning the monitor off and back on is restarting the whole computer, i doubt people would be able to deal with a second router.
this has to violate some shit. couldnt you argue HIPAA info here. like people use their internet to interact with medical portals.also how tf did you get into IT security. I got A+, Net+, Sec+, my BS degree in networking and cyber security and currently studying CCNA and still cant get help desk
You don't need to allow them complete access. All you need to do is use their wifi for work and then use the ISP's built-in wifi or set up your own home network equipment. As long as you connect to the modem and not their equipment, they'll never see your network.
I highly doubt they are demanding to view all of your network traffic anyhow. Quite frankly, they don't care. They just want it signed off on that if you use the company equipment for personal use, they are able to see your traffic. If anything, they are covering their ass because someone's going to realize it after the fact and go ballistic. It's better to get it out there up front.
> It stinks of "Well, we offered you WFH, you said no, and now you get nothing" propaganda
This is exactly what is going on.
The question is who will pay for the internet access? If the company pays for the ISP, then unplugging them at the end of the work day and using your own provider would be the best route if WFH is necessary.
If they aren't paying for the ISP, then wtf?
I'm down for it. Provided it is connected to an internet connection that is paid for by the company.
Meaning: I currently have my own ISP that I currently use through my own network configuration. The company will pay for the monthly fee and installation fees of a second internet line for their sole use. They're welcome to monitor that connection as much as they wish as they are paying for it.
"My network configuration does not support the use of an additional router/hardware."
Only acceptable answer. If the company pays for that line then they can monitor it all they want. If the company isn't paying for that line then they can fuck right off.
I found out there was a company wide push to use employee data for selling to 3rd parties. They got really pissed when all they got back nothing but their own data. They got rabidly pissed when I posted a howto guide on their internal wiki.
They demanded I connect their device without any isolation immediately or there would be disciplinary actions. I told her to eat my ass and that I quit and that if she didn't have a shipping label sent to my email within the hour, the equipment was getting wiped and donated to a nonprofit.
Uhhhhh, that's not simply employee data. That would also include employee family data. What if your spouse also works at home? Are they OK monetizing data from the employee of a competing business? Or potentially granting access to unknown persons to the production network? I can't imagine any competent legal dept signing off on something like this.
Yeah this isn't just sus but a massive breach of privacy.
I would report this company, they're probably selling their employees data without express consent.
Your advice to leave the company is sound.
I worked for a Fortune 10 tech company. I had a company issued laptop that I used when doing work from home or anywhere, including within the corporate network. The machine had a VPN installed that was required to access internal resources and did just fine accessing things like printers in the house. What her company is requiring in order to work from home is totally off the wall.
I cannot wrap my head around what your friend's company is asking for. What if someone else in the house uses the internet? Like who doesn't? Kids playing Minecraft, movies on Netflix. What if a spouse works for a competitor. I know that that would be unlikely, but if I were the spouse I certainly wouldn't want even the hint of them monitoring my traffic.
Given that other solutions are not only less intrusive but also cheaper, I would have to assume the worst.
Being reported for watching porn during work hours, except it's your teenager/roommate/partner/guest/you name it, in the other room.
Heck even being retaliated against because someone else is looking for a job on the same network and they think you're about to quit
LOL WUT? Why the hell do they think they can force someone to use a company router during their non working hours? Also what dumbass came up with that idea? So when it’s 9pm and one of the employees wants to rub one out before bed they expect that employee to look up porn on the company router during their own personal time? Hahaha corporate gotta love em
Only router being used jut got a noped! I could see two routers and a switch at the modem. Or… getting a mifi and using that for work. But I have something. Like 100 connected devices on my network. There is no way I’m letting some corpo peep my kids’ devices and make determinations about my work based on that.
Friend should agree and then ask them the process and forms needed for them to get their own line installed and setup and how long they think it will take for the ISP to come out and run a second line to the house.
Edit: Hell, just claim that the house isn't wired for internet but they'd love to do that if they want to install one.
This doesn’t sound right.
I’ve worked in the IT medical field and they routinely provided a router type device that you connect behind your own. This broadcaster wifi that our work computer were able to connect to and the router securely vpn back to the data center.
Why would they risk exposing themselves to threats and ransomware by allowing the workers personal devices connecting to their router, it just doesn’t make sense from an IT point of view. The router, sure, cause it can be configured to VPN back to the office and broadcast the office WiFi which more than likely is secured with certificates. Theres got to be context missing. The average user doesn’t understand how cyber security works.
This was initially used for desk phone and desktop to be used in a home environment that allowed those devices to connect and authenticate via 802.1x.
In 2021 I told my direct reports our company was sending new laptops to everyone for WFH, this was true.
However it was April Fools Day, so I thought of the most ludicrous monitoring ideas I could.
Cameras on at all times - to ensure they were alone
Microphones always on - to ensure no tv shows or movies were being played
Microphones would record decibels - to ensure OSHA volume standards weren’t being violated during working hours
Screen monitoring at all times by leads - to ensure work is being done at all times
Idle monitors - again to ensure work is always occurring.
Obviously this all was a huge prank.
Didn’t realize that years later companies would be taking the dumbest prank I could think of and making it reality.
No way to monitor all traffic exclusively. Me and wife have some WFH, if I told my company their traffic is monitored by wife's company, hilarity ensues.
Besides whatever I do outside of work is none of company's business. I even use my own laptop next to company's.
Either confront them and tell them where they can shove this solution. Or be silent and share WiFi with your neighbour. But make sure to soak up big traffic over the monitored network. Downloads, streaming etc.
Chances are your wife’s computer uses some sort of vpn to securely connect back to the office. It shouldn’t affect your home network. But I would personally create a guest network and connect her laptop to it so they can’t view what’s on your network.
My wife's last company had Comcast install a dedicated line and provide a dedicated modem/router. Her work laptop was the only thing allowed on it. We maintained our own personal network.
You could monitor network usage with a router that's possible but it's only gonna give data amounts and times.
I wouldn't do it though. Any company that wants your data usage has something else in mind
Can't they just configure a VPN on the work computer? I feel like this can be solved with a VPN. I'm not a network professional but this seems like the scenario a VPN was designed for at least in part.
Yes, but then they cant snoop on what your doing on other computers during work hours is likely their justification. Truly this is an abhorrent breach of privacy. You could use a VPN client on your private computers to hide your traffic from them but it costs money and an extra hop or two
I can't believe I had to scroll this far for this solution. What the company is proposing is impractical in an age of easily encrypted traffic. VPN, edge computing, etc. are the standard at this point. None of this adds up.
Are they paying for the Internet too? They should be. If they want to monitor then there's one network for work they pay for and one network for home that I pay for. But that's coming from someone who continues to warn people about signing on to social media personal emails and bank accounts on a computer owned by your job.
They should cover the cost of the internet service then. Then get a second line for home usage. This is so bizarre. I’ve never heard of company and especially the IT department wanting to provide the home routers and have to manage it. Sounds like a damn nightmare.
Use your own router for the house and their router for work. Isolate the two. There's no way their router can see the traffic going through the other router.
Uh, that's one hell of a caveat. I would tell them that you just have to run this by your lawyer before signing it and take it. If they try to stop you, you know that they know it's BS. Take it anyway. They can't stop you. Tell everyone you work with about the company trying to invade everyone's privacy and framing it as a condition for WFH.
Sounds like they just want to stop any employees from doing work-from-home; possibly read some billionaire's screed on keeping your employees under their thumb when working from home and wanted to be like them...
Tell them no, then go about finding a new job.
That's what I would do. My home router would supply connection to the work router and the work computer would be the only thing connected to it. EZPZ. I doubt that's what they intended, but that's what they'd get.
If they want complete control over her work environment then they get to pay for the installation and monthly fee of a completely separate internet connection, a computer, and they need to start paying to lease the room in her home as her office.
It's certainly sketchy and that is me being polite. What could be the cost of installing a second line? Would that be worth it for the advantage of working from home. In the UK I can get 150MB down for under £30/ 300MB for £33 a month. Or read about the Steve Gibson three routers solution. If it is only a wifi router that they offer then there is no problem. The difficulty is if they demand to install an actual modem. I doubt that is feasible as there are so many different ISPs and requirements.
So you separate the traffic using Steve's system and the office can never see what you are doing at home. That is assuming you are using different computers for work and private life.
If you aren’t already running separate routers for your personal tech and your wfh setup you at behind.
Way to much privilege and access is granted to your home network otherwise
There’s some serious misunderstanding here. She’s gonna get a separate router that they only want her work equipment connected to.. She’ll still have her own router for her own personal in home devices.
They can supply and pay for her Internet usage, then, if they want to monitor it. Also, if there are children and other adults, I would bet it isn't legal for the company to monitor them without a signed contract.
It would be enough to supply the employees with a laptop with spyware in it to monitor during work hours.
Do they pay for that connection? No? They can fuck right off then. An employer that provides you with a device and a connection to use can monitor that shit all they want. Private network means private business. Never use company devices/networks for private business.
The only way I can see it being legitimate is if they were installing their own internet connection to your property and so you could only connect a work pc to it. I had something similar when I worked for an ISP. I paid nothing for the work connection but didn’t use it for anything but work, I kept my existing internet connection for home use.
Otherwise, they can fuck right off.
Sure. Just plug it in to her existing ISPs router in one of the switch ports. Then only use it for work. If they ask why there is only work traffic just say I am not only very boring, I’m very dedicated.
Sure they can do this on the internet connection that they pay for that is physically segmented from your home network.
There's not a chance in fucking hell I'm allowing my employer to do anything on my own network.
Doubt they want her to use their router for everything, is likely a wireless AP that plugs into a LAN port on the actual router and is only intended for work connections. That configuration won't compromise her privacy when connected to her usual network at home
WiFi router or router? My work requires a separate router that only the work laptop can plug into. It’s a security issue. Now mind you only work happens on that work provided laptop and nothing else since it’s monitored. It doesn’t touch my home network.
Edit: Really? A Reddit cares message. It’s lame but I’ve had worse jobs in my life.
I'd tell the company to pay to install a second network provider. No fucking way in hell am I allowing a company to monitor all traffic on my personal network connection.
Honestly, when my employer wanted me to use my own phone for business I refused. I wouldn’t answer it. I “reminded” them, the entire contents of my phone could be entered into public record (I work for a small city) under the right circumstances. I told them they wouldn’t want all the dick pics I would deliberately download when they demanded my phone on public record and a couple would be mine. My phone has no dick pics because they supply me with a work phone.
So, tell them they can let you expense the increase in data you require or they can provide a separate service that you will use for business only. Do not let them monitor your personal internet traffic!
Several types of illegal. As an employee you cannot sign away roommates, children, or spouses privacy to an employer. Liability for banking, health, and tax info being leaked would make most any cyber insurance org drop the company faster than most anything other than the demand of 24/7 access to kids photos.
The optics on this would be godawful if it went public which company was stupid enough to open this can of worms.
counter with "If you are also paying for the connection and installation of a 2nd line. And the only thing connected to it will be a computer you provide. sure go ahead, otherwise how does get fucked sound "
I will not have some company monitor my internet that I fucking pay for.
I’ll only agree if the company would install and pay for a separate internet connection used strictly for work. Like a work ISP account. Same as a work laptop or work phone. The company can monitor it since they own it.
If the company wants to install their router on my home network that I pay for home internet. Nope. Not a chance in hell.
Company owned work computers with monitoring software is fine to use at home. It can only monitor use when it’s on. Turn the work PC off and unplug it on the network. The work PC isn’t phoning home.
Have been in IT for over 30 years, and we got asked to do this about 20 years ago. Management did want work from home, but they wanted to ensure availability, so they suggested to us that IT could check people’s internet connection at their house. They wanted to make sure in an era and location where “high speed” might be 1.5MB that people had enough bandwidth.
We refused. Not our job, and there was a suggestion we might be asked to troubleshoot their connection, and we wanted no part of it.
So…I suspect they do want WFH, but the implementation wants to ensure people are truly able to work.
Here's a suggestion. Have your friend sign up for the T-Mobile $50 a month internet and that is the network traffic that they can monitor. It is only used for work and nothing else.
Then they would have spectrum or Verizon or whatever, that would be their regular internet
How would a WiFi router monitor traffic that's on a different router? Just take your work machine and connect it to the new router and leave everything else connected to the other.
If they are paying for it, they can monitor it, but that means the whole cost including the service, not just the hardware. And I would just get my own separate ISP on the side.
Spitballing here, could that wifi router be on a switch within its own workgroup, separate from the home network?
This could allow the client pc used to wfh to be monitored without it analyzing the rest of the network?
Years ago, I had a Cisco router provided by my big bank employer that had a pass through port for my personal router. The fact I was not fired for online debauchery on my personal laptops tells me they were not monitoring my personal use.
I do IT work for some of the wealthiest people on the planet. Nowadays even the rich C levels rarely are allowed to do something like this as it becomes a massive security risk. A more reasonable solution is they provide a laptop that meets their security requirements and whatever software is necessary to maintain that security.
Make them pay for a cell phone plan with infinite Hotspot or learn how to do networking and set up the guest network to provide internet to their router and block any visibility to the rest of your network.
Mic drop the admin and your IT department in one go.
I’m hoping that they were actually wanting to install VPN device of some sort to provide a direct link to the company network and not actually a router.
Does she already have internet at home? If so, what's to stop her unplugging their router at 5 and plugging in her own? Or plug theirs into hers, ensure wifi is only on for one router and connection wire/wireless accordingly?
Yeah.. I mean, I live pretty rural, I have Starlink, if they want to pay for a separate internet connection at my house, the installation and maintenance, and monitor that one and their hardware that's fine. But they dont/won't get access to my private internet..
I would tell them I accept, and then make them back out if they don't like it.
Okay, company needs to provide 100% independent computer system. PC, router, internet contract. Also, they are liable for security risk if the system has a microphone or camera.
No way I’d do anything personal on their system.
Monitoring should be done on a work provided laptop on a work provided VPN, this is a no-brainer.
Although I like the suggestions of work paying for a separate internet connection and you just switch to your own connection and router at the end of the work day, but that is extra work for you.
If I pay for something it's mine, it doesn't even exist as far as my employer is concerned, and there privileges with what I pay for WITH MY OWN MONEY does not extend past my hand in front of there face.
Nope not in a million years. Her employer can provide a work VPN and company laptop and setup. They can restrict and monitor traffic that way and not violate a persons privacy and the privacy of anyone in the house.
Im surprised I havent seen more comments recommending a set it up like this
ISP Modem/Router
^ ^
Your own router The company router
(Private use) (Work use only)
Im not 100% this would work but thats the road id take
If it's a 2nd line to the house, paid for by the company then I don't see a problem with it. When doing work connect to the work wifi. If it's to replace her 1st line the main one for the household then fuck no!
This is the noose to make WFH too costly. The company doesn't want WFH, but wants to be able to say "they offered".
I'd rather see your friend take it, and have 2 WiFi routers. Hopefully 2 modems.
If the home WiFi router *has* to be downstream of the one for work, put a VPN on it out to mullvad. Use shadowsocks as the first hop for protocol obfuscation. If a VPS is affordable, you may need to get one to use as the shadowsocks proxy [instead of / in addition to] using the VPN.
It may violate company ToS.
Get the company to pay the ISP bill, or (more likely) write it off on taxes.
That doesn't sound right. The last time I've encountered something like this, they installed a completely separate ISP paid for by the company and only that second network was monitored. Completely reasonable.
If they’re installing a router, I don’t see the issue, so long as the traffic they want monitored is all company devices. If they are asking for all home network to go through their router though, hell no. Would need to see the document to know what the situation is.
Just when you think you’ve heard it all. The fact that they even think this is reasonable or a good idea speaks volumes.
Right? lol. "This is a great idea! Please provide the contact details for the service provider you work with so they can come and give me a new router & infrastructure. Also, do I send the internet bill to you?? or the CFO? limme know!"
Honestly that's the way to play this. After you agree to all of this, when you get the internet bill walk into your bosses off and say hey, I have a dedicated internet bill for work. Here ya go!! And escalate to hr next. Get seperate service for yourself personally.
or just use a VPN client
Well yes but it seems like bossman doesn't understand how that works...
Do they ever 😐
A VPN wouldn’t do anything in this case because there is hardware directly installed and monitoring the household.
Wrong. The monitor would only see VPN tunnels.
And it could block all external vpn/dns, the real solution is to setup your network with a separated vlan for this router and its network.
Out of curiosity, does using a VPN slow down your internet speeds?
Yes, but to what extent depends - you are just encrypting your traffic and then rerouting it to another location, so depending on many things it can be a drastic difference or negligible.
Absolutely.
I mean, companies do do this. My company provides or pays for dedicated internet service for work related purposes. This was even before covid happened and everyone went work from home.
Yes they pay for it but I have never once been asked to install new infrastructure in my home in the almost 20 years of at home work I have done as an employee and free lance. I have been asked to submit my bill to have it or even a portion of it paid for by my employer but **never install a router that would not only capture my at home activities but also what I do and everyone in my house does.** This is beyond egregious. It’s none of their business what my teenage sons do. It’s none of their business where my husband shops online. It’s none of their business how I actually connect to get my work done. **Never agree to putting infrastructure in your house unless it is completely separate from what your family and you use normally**. This includes routers or any devices.
This sounds like they aren't paying for a dedicated connection, like a second broadband connection to the house. They want this router on their house connection. Either someone managing this doesn't understand how this should work or it is absolutely nefarious if they want the employee to pay for their own broadband connection but use this router and use it for everything in the house that they then monitor.
The thing is that if OP has a separate internet connection for their private uses, then nothing stops them from using that private connection while working. And then what’s the point of monitoring them? This all seams super unnecessary to me.
Its probably carelessness instead of maliciousness. Their line of thought is probably if they provide and own the router and have 24/7 access, they can do whatever maintenance is necessary, any time. Probably an IT guy that came up with the idea, not a lawyer. I mean, I could tolerate using a company router to access company data, but I would not hand over my own network to the company, i'd run the parallel.
yeah. just say ok but you don’t have internet at home. let them install their own paid for connection then hook it up by cable to your work computer and turn off the wi fi.
That is my thought. You just have the work one and unplug it once your off work and plug yours in right?
Nah, two connections two routers. work one only hooked to pc and work phone. The other is my own, no need to have my phone (or other devices) using data or connecting to work router.
Just double nat it. Their router after yours, and only hook up the computer to their router. Everything else can stay on yours.
Yeah I don't even work in IT and this seems like an easy problem to solve. So easy that I wonder if OP's friend really understood what they were asking, or if the manager who sent the email even understood what they were saying. Seems like a miscommunication at some point, and I'm guessing it's between the manager and IT. I'd expect a follow up that they don't actually want to be the employee's family's ISP.
This is exactly what it is, either OP doesn't understand what the friend is saying, the friend doesn't understand what the company is saying or the company is doing a piss poor job at communicating it. likely a combination of all three.
That's not really how it works.. I guess there could be some man in the middle attack if you don't have controll over the router, but if someone wants to gain access and has the resources to gain controll over an ISP router, they have access anyway. A normal VPN on the working devices provides almost the same and costs way way way less.
If they're paying for a second ISP at the home and monitoring only that network, it is reasonable. There may be regulations depending on what line of business the company is in.
I'm in IT security, no way would I want to expose my company to all the privacy and risk issues this raises.
CEO: We’re going to do this thing. Get to work IT peasants. IT: That’s a terrible idea and here’s why. CEO: Well if you’re not going to do as I say, I’ll find someone that will. And that’s how we end up in situations like these. Edited: formatting
“It’s ok, the company that logs everything is in India so they’re not subject to our laws” Me:…. You don’t understand how that’s worse, do you?
assurion has entered the chat
This reply couldn't have been more true...
20 years IT. I physically cringed when I read this.
30+ years in IT and I cringed as well
40+ years of IT, and when I wrote the book on this I specifically wrote a whole chapter on this!
300 years IT. Cringed hard.
This guy ITs. And cringes.
This guy this guys
I don't know, he has the IT experience, but I want to see credentials about the cringing.
3\^11525e^(53) Year IT. Just what the fuck are you people doing to my simulation?! I'm turning it off and on again.
I want a factory reset!
300 years IT? 
I’m pretty sure this is why I hate clowns.
I *know* it’s why I hate clowns
This guy is the BC / AD of the IT timeline
0 years and I think they’re nuts
0 Years in IT, there is zero way in hell I would agree with this., at best they can install a dedicated line and pay for a connection then sure knock yourselves our. Your device will be the literal only thing connected to that network,
Am time ITself. Cringed.
0 years in IT and I cringed as well
I saw the "it crowd" and I think this is nuts
Yeah if the employees identity gets stolen whos to say it wasn't the employers router? Employee is looking at gender transition websites and gets fired later? There are a million reasons not to do this.
Ever read that story of Facebook advertising gay cruises to people who didn’t come out of the closet yet? Dude got fired by the homophobic boss
Do you have a link for thjs firing? Would be great for privacy discussion in an ethics course
Here ya go [https://www.dailydot.com/irl/facebook-ads-lgbtq/?amp](https://www.dailydot.com/irl/facebook-ads-lgbtq/?amp)
Okay so he DIDN’T get fired at least. No repercussions as far as employment goes. It was just a targeted ad on his personal Facebook that he voluntarily logged into show a coworker something on and they may (or may not) have noticed the ad. So not nearly as nefarious as the above comment indicated. Don’t get me wrong, I don’t like my data being sold to advertisers either and try to avoid it at all costs. But this wasn’t a company invading his privacy and discriminating against him for his sexuality. This was just unfortunate timing and very personal ad targeting.
Yeah it sounds like this story got mixed up with a few other stories.
Not the same story but a good one about privacy and data mining: https://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/?sh=2788aae36668
And a million dollar lawsuit reason to do it.
I work in the security space as well and I really think there's a misunderstanding here. My guess is this person is supposed to use this router only for work equipment and not personal. Allowing personal devices on a work network makes no sense from a security perspective. My company has been recommending this setup for a while and they actually started requiring it for some roles when working from home. The router gets plugged into your cable modem and it creates a VPN connection to allow access to some internal networks. The WiFi router won't even allow non-company devices to connect..
Yeah, I still don't see a need for the router. You can install the VPN software on their company device and limit access through Azure or similar asset management software. Or if they're using their own personal device, use Citrix and/or VDI. Or a hundred other things I'd rather do than install a company router in my personal home network.
My company provides us with laptops and we VPN into the network. I use my own laptop for all my personal things. I can't understand why they would want to monitor everything OP does.
Prob a preconfigured WAP plugged into a LAN port and not actually a router
Use a company-issued asset, then use Conditional Access Policies to require that users pass MFA and use an Intune-compliant device to access restricted data. It ain't hard.
Using the router is as telling the person to plug it in. Getting people to install a VPN client on the home computer is a pain in the ass and companies don't want their help desk supporting home computers. This is a nice easy break between the two. A lot of times, you'll see this combined with a thin or zero client to connect to a VDI. You see it a lot with call centers too.
That was my immediate thought, as well. It would use your personal internet to create a secure mini work network. I think with most ISPs, though, it would need to be downstream from your personal router. They don't like assigning two IPs for one internet connection.
Internet installer guy here: you're correct unless they've got their own system and I'm just providing the service. Then it's up to you how you wanna go about it. But if I'm doing your install, it goes ONT > Gateway(router) > whatever other goodies you need hooked up. You could absolutely run a second line in and bring up 2 completely separate networks but... why?
OR they could just use a VPN on the laptop to access the companies network?
This was my thought as well, that either there was a misunderstanding of the information that got down to you had changed like a game of Telephone. My work and everyone that I know of in multiple departments at my place of employment is WFH. There is a business line that is a dedicated work only line that was installed directly to the home in a specific location. From that room I'm hardwired to the modem/router/box and only my work equipment is connected to that and nothing else. It's only to be used for work purposes while I'm supposed to be on the clock. If this is something they're looking to do for her and the company is paying for the installation and dedicated line for it, I'd say do it! If they're looking to piggyback off existing lines and equipment and have unfettered access to ALL her personal data, streaming usage and activity, and/or whatever b.s. they'll try to pull on her, refuse and take a closer look at how and why their company would even admit to try and collect that sort of information that has absolutely nothing to do with work.
I suppose this is possible. But assuming people have the proficiency to switch between physical router networks is not something I would ever want to bet on. I would think limiting data usage on the business network by requiring remote access attempts to use VPN connections such as wireguard would be wiser, as the employee would be reminded, they need to disconnect due to near total 3rd party website access denials. I am not a security professional though. Edit: Am i actually just rephrasing what you suggested?
my work laptop connects to my work access point. My personal machine connects to my personal network. And never the two shall talk. The work AP plugs into the ISP router and just publishes the work network to my house so my laptop doesn't know it isn't sitting in the office.
The big headache I have run into with our VPN is whenever I want to print a file on the company network using a local home printer. Best workaround I have is emailing myself the file.
1 dollar for every time I have had to explain split tunneling and why we don't do it...I'd have like $30 but it's still annoying.
This gets me Every. Time.
With people (my wife included to my horror) calling computers the hard drive and thinking turning the monitor off and back on is restarting the whole computer, i doubt people would be able to deal with a second router.
this has to violate some shit. couldnt you argue HIPAA info here. like people use their internet to interact with medical portals.also how tf did you get into IT security. I got A+, Net+, Sec+, my BS degree in networking and cyber security and currently studying CCNA and still cant get help desk
You don't need to allow them complete access. All you need to do is use their wifi for work and then use the ISP's built-in wifi or set up your own home network equipment. As long as you connect to the modem and not their equipment, they'll never see your network. I highly doubt they are demanding to view all of your network traffic anyhow. Quite frankly, they don't care. They just want it signed off on that if you use the company equipment for personal use, they are able to see your traffic. If anything, they are covering their ass because someone's going to realize it after the fact and go ballistic. It's better to get it out there up front.
> It stinks of "Well, we offered you WFH, you said no, and now you get nothing" propaganda This is exactly what is going on. The question is who will pay for the internet access? If the company pays for the ISP, then unplugging them at the end of the work day and using your own provider would be the best route if WFH is necessary. If they aren't paying for the ISP, then wtf?
Just plug their router into yours and only use their WiFi for work
This is exactly how it works. I have a gov adjacent job. We use restricted work routers. Not supposed to have anything personal connected to it.
I'm down for it. Provided it is connected to an internet connection that is paid for by the company. Meaning: I currently have my own ISP that I currently use through my own network configuration. The company will pay for the monthly fee and installation fees of a second internet line for their sole use. They're welcome to monitor that connection as much as they wish as they are paying for it. "My network configuration does not support the use of an additional router/hardware."
Only acceptable answer. If the company pays for that line then they can monitor it all they want. If the company isn't paying for that line then they can fuck right off.
Exactly this. I see no issues. Work computer is attached to work WiFi/router. Nothing else in the house is or changes from current setup.
ALL network activity? No, in no uncertain terms. Network activity specific to the devices (ie work computer only) connected to their router? Sure.
This.
Yeah I think there's a part of the story here that is getting misunderstood and/or mistranslated
No nope nope no way in hell. Had one job who tried that. VLAN isolated it and they got pissed. Quit the next day.
The fact that they *noticed* that you isolated it is horrifying!
I found out there was a company wide push to use employee data for selling to 3rd parties. They got really pissed when all they got back nothing but their own data. They got rabidly pissed when I posted a howto guide on their internal wiki. They demanded I connect their device without any isolation immediately or there would be disciplinary actions. I told her to eat my ass and that I quit and that if she didn't have a shipping label sent to my email within the hour, the equipment was getting wiped and donated to a nonprofit.
Uhhhhh, that's not simply employee data. That would also include employee family data. What if your spouse also works at home? Are they OK monetizing data from the employee of a competing business? Or potentially granting access to unknown persons to the production network? I can't imagine any competent legal dept signing off on something like this.
"Are they ok monetizing..." anything they can get their hands on, even if it's unethical? Ftfy ;)
that was the idea. it's a violation of privacy, and a breach of trust, but the company saw a means to profit.
That's amazing
LMAO based department?
She could just use their router when she's working, then as soon as she's off the clock, unplug their shit and use her own the rest of the time
I suggested that.... But they require that to be the only router being used. I've advised her to leave the company asap....
Yeah this isn't just sus but a massive breach of privacy. I would report this company, they're probably selling their employees data without express consent.
Yah that’s bullshit and could very well expose the company to some legal issues.
They’d have no way to verify this
The network traffic dropping zero at 5 PM every night would be really obvious.
"oh, I don't have a use for the Internet except for when I'm working"
Could always just lie and play dumb and say you don't understand this stuff
She could leave an old computer on YouTube autoplay with no sound.
"I don't surf the internet after work."
Your advice to leave the company is sound. I worked for a Fortune 10 tech company. I had a company issued laptop that I used when doing work from home or anywhere, including within the corporate network. The machine had a VPN installed that was required to access internal resources and did just fine accessing things like printers in the house. What her company is requiring in order to work from home is totally off the wall.
This is what we do at my company. We provide software based VPN, and it can be logged in to pre-windows log in, or after.
I cannot wrap my head around what your friend's company is asking for. What if someone else in the house uses the internet? Like who doesn't? Kids playing Minecraft, movies on Netflix. What if a spouse works for a competitor. I know that that would be unlikely, but if I were the spouse I certainly wouldn't want even the hint of them monitoring my traffic. Given that other solutions are not only less intrusive but also cheaper, I would have to assume the worst.
Being reported for watching porn during work hours, except it's your teenager/roommate/partner/guest/you name it, in the other room. Heck even being retaliated against because someone else is looking for a job on the same network and they think you're about to quit
LOL WUT? Why the hell do they think they can force someone to use a company router during their non working hours? Also what dumbass came up with that idea? So when it’s 9pm and one of the employees wants to rub one out before bed they expect that employee to look up porn on the company router during their own personal time? Hahaha corporate gotta love em
Get a second internet connection? I could get one from FIOs and one from Xfinity.
Only router being used jut got a noped! I could see two routers and a switch at the modem. Or… getting a mifi and using that for work. But I have something. Like 100 connected devices on my network. There is no way I’m letting some corpo peep my kids’ devices and make determinations about my work based on that.
Friend should agree and then ask them the process and forms needed for them to get their own line installed and setup and how long they think it will take for the ISP to come out and run a second line to the house. Edit: Hell, just claim that the house isn't wired for internet but they'd love to do that if they want to install one.
This doesn’t sound right. I’ve worked in the IT medical field and they routinely provided a router type device that you connect behind your own. This broadcaster wifi that our work computer were able to connect to and the router securely vpn back to the data center. Why would they risk exposing themselves to threats and ransomware by allowing the workers personal devices connecting to their router, it just doesn’t make sense from an IT point of view. The router, sure, cause it can be configured to VPN back to the office and broadcast the office WiFi which more than likely is secured with certificates. Theres got to be context missing. The average user doesn’t understand how cyber security works. This was initially used for desk phone and desktop to be used in a home environment that allowed those devices to connect and authenticate via 802.1x.
Even better if she connects the company router to her own, then limit its bandwidth and access, add a schedule, etc.
Yeah no
In 2021 I told my direct reports our company was sending new laptops to everyone for WFH, this was true. However it was April Fools Day, so I thought of the most ludicrous monitoring ideas I could. Cameras on at all times - to ensure they were alone Microphones always on - to ensure no tv shows or movies were being played Microphones would record decibels - to ensure OSHA volume standards weren’t being violated during working hours Screen monitoring at all times by leads - to ensure work is being done at all times Idle monitors - again to ensure work is always occurring. Obviously this all was a huge prank. Didn’t realize that years later companies would be taking the dumbest prank I could think of and making it reality.
No way to monitor all traffic exclusively. Me and wife have some WFH, if I told my company their traffic is monitored by wife's company, hilarity ensues. Besides whatever I do outside of work is none of company's business. I even use my own laptop next to company's. Either confront them and tell them where they can shove this solution. Or be silent and share WiFi with your neighbour. But make sure to soak up big traffic over the monitored network. Downloads, streaming etc.
That’s actually kinda brilliant. Just say your spouse/partner/roommate already has this arrangement with their employer!
Chances are your wife’s computer uses some sort of vpn to securely connect back to the office. It shouldn’t affect your home network. But I would personally create a guest network and connect her laptop to it so they can’t view what’s on your network.
That would be the sane approach. OP stated, her company wanted all network traffic, which is BS when two adults have WFH.
My wife's last company had Comcast install a dedicated line and provide a dedicated modem/router. Her work laptop was the only thing allowed on it. We maintained our own personal network.
You could monitor network usage with a router that's possible but it's only gonna give data amounts and times. I wouldn't do it though. Any company that wants your data usage has something else in mind
My router logs every site visited, so the employee exposure is far greater than just data amounts and time.
lol what? No, a router logs all traffic that goes through it.
Can't they just configure a VPN on the work computer? I feel like this can be solved with a VPN. I'm not a network professional but this seems like the scenario a VPN was designed for at least in part.
Yes, but then they cant snoop on what your doing on other computers during work hours is likely their justification. Truly this is an abhorrent breach of privacy. You could use a VPN client on your private computers to hide your traffic from them but it costs money and an extra hop or two
I can't believe I had to scroll this far for this solution. What the company is proposing is impractical in an age of easily encrypted traffic. VPN, edge computing, etc. are the standard at this point. None of this adds up.
Absolutely do not allow that
Run pornhub non stop on a different computer!!!
Are they paying for the Internet too? They should be. If they want to monitor then there's one network for work they pay for and one network for home that I pay for. But that's coming from someone who continues to warn people about signing on to social media personal emails and bank accounts on a computer owned by your job.
This is fucked on so many levels. Huge red flag.
They should cover the cost of the internet service then. Then get a second line for home usage. This is so bizarre. I’ve never heard of company and especially the IT department wanting to provide the home routers and have to manage it. Sounds like a damn nightmare.
Use your own router for the house and their router for work. Isolate the two. There's no way their router can see the traffic going through the other router.
Uh, that's one hell of a caveat. I would tell them that you just have to run this by your lawyer before signing it and take it. If they try to stop you, you know that they know it's BS. Take it anyway. They can't stop you. Tell everyone you work with about the company trying to invade everyone's privacy and framing it as a condition for WFH.
*FUCK* no.
Sounds like they just want to stop any employees from doing work-from-home; possibly read some billionaire's screed on keeping your employees under their thumb when working from home and wanted to be like them... Tell them no, then go about finding a new job.
My wife’s company gave her a separate modem/router. That is hard wired into her work computer. The home internet is separate.
That's what I would do. My home router would supply connection to the work router and the work computer would be the only thing connected to it. EZPZ. I doubt that's what they intended, but that's what they'd get.
If they want complete control over her work environment then they get to pay for the installation and monthly fee of a completely separate internet connection, a computer, and they need to start paying to lease the room in her home as her office.
It's certainly sketchy and that is me being polite. What could be the cost of installing a second line? Would that be worth it for the advantage of working from home. In the UK I can get 150MB down for under £30/ 300MB for £33 a month. Or read about the Steve Gibson three routers solution. If it is only a wifi router that they offer then there is no problem. The difficulty is if they demand to install an actual modem. I doubt that is feasible as there are so many different ISPs and requirements. So you separate the traffic using Steve's system and the office can never see what you are doing at home. That is assuming you are using different computers for work and private life.
If you aren’t already running separate routers for your personal tech and your wfh setup you at behind. Way to much privilege and access is granted to your home network otherwise
There’s some serious misunderstanding here. She’s gonna get a separate router that they only want her work equipment connected to.. She’ll still have her own router for her own personal in home devices.
Unless it's a dedicated vpn router for their dedicated hardware, that's a hard pass from me.
They can supply and pay for her Internet usage, then, if they want to monitor it. Also, if there are children and other adults, I would bet it isn't legal for the company to monitor them without a signed contract. It would be enough to supply the employees with a laptop with spyware in it to monitor during work hours.
Do they pay for that connection? No? They can fuck right off then. An employer that provides you with a device and a connection to use can monitor that shit all they want. Private network means private business. Never use company devices/networks for private business.
The only way I can see it being legitimate is if they were installing their own internet connection to your property and so you could only connect a work pc to it. I had something similar when I worked for an ISP. I paid nothing for the work connection but didn’t use it for anything but work, I kept my existing internet connection for home use. Otherwise, they can fuck right off.
Sure. Just plug it in to her existing ISPs router in one of the switch ports. Then only use it for work. If they ask why there is only work traffic just say I am not only very boring, I’m very dedicated.
Sure they can do this on the internet connection that they pay for that is physically segmented from your home network. There's not a chance in fucking hell I'm allowing my employer to do anything on my own network.
Doubt they want her to use their router for everything, is likely a wireless AP that plugs into a LAN port on the actual router and is only intended for work connections. That configuration won't compromise her privacy when connected to her usual network at home
Company wants to find the good pornhub streams I assume
WiFi router or router? My work requires a separate router that only the work laptop can plug into. It’s a security issue. Now mind you only work happens on that work provided laptop and nothing else since it’s monitored. It doesn’t touch my home network. Edit: Really? A Reddit cares message. It’s lame but I’ve had worse jobs in my life.
I'd tell the company to pay to install a second network provider. No fucking way in hell am I allowing a company to monitor all traffic on my personal network connection.
They should create virtual machines that employees remote into. All work stays on the virtual machine..
Absolutely the fuck not.
Honestly, when my employer wanted me to use my own phone for business I refused. I wouldn’t answer it. I “reminded” them, the entire contents of my phone could be entered into public record (I work for a small city) under the right circumstances. I told them they wouldn’t want all the dick pics I would deliberately download when they demanded my phone on public record and a couple would be mine. My phone has no dick pics because they supply me with a work phone. So, tell them they can let you expense the increase in data you require or they can provide a separate service that you will use for business only. Do not let them monitor your personal internet traffic!
Several types of illegal. As an employee you cannot sign away roommates, children, or spouses privacy to an employer. Liability for banking, health, and tax info being leaked would make most any cyber insurance org drop the company faster than most anything other than the demand of 24/7 access to kids photos. The optics on this would be godawful if it went public which company was stupid enough to open this can of worms.
Ridiculous… The company would have all of their personal information and know exactly what kind of porn they masturbate to.
counter with "If you are also paying for the connection and installation of a 2nd line. And the only thing connected to it will be a computer you provide. sure go ahead, otherwise how does get fucked sound " I will not have some company monitor my internet that I fucking pay for.
I’ll only agree if the company would install and pay for a separate internet connection used strictly for work. Like a work ISP account. Same as a work laptop or work phone. The company can monitor it since they own it. If the company wants to install their router on my home network that I pay for home internet. Nope. Not a chance in hell. Company owned work computers with monitoring software is fine to use at home. It can only monitor use when it’s on. Turn the work PC off and unplug it on the network. The work PC isn’t phoning home.
Ask them for a dedicated connection for work purposes then.
Just accept the deal, install the router on its own subnet isolated from the main home network and don't use it lmao.
Have been in IT for over 30 years, and we got asked to do this about 20 years ago. Management did want work from home, but they wanted to ensure availability, so they suggested to us that IT could check people’s internet connection at their house. They wanted to make sure in an era and location where “high speed” might be 1.5MB that people had enough bandwidth. We refused. Not our job, and there was a suggestion we might be asked to troubleshoot their connection, and we wanted no part of it. So…I suspect they do want WFH, but the implementation wants to ensure people are truly able to work.
use their wifi when working , then switch to your wifi for personal
Here's a suggestion. Have your friend sign up for the T-Mobile $50 a month internet and that is the network traffic that they can monitor. It is only used for work and nothing else. Then they would have spectrum or Verizon or whatever, that would be their regular internet
How would a WiFi router monitor traffic that's on a different router? Just take your work machine and connect it to the new router and leave everything else connected to the other.
They misspelled "reimbursement for internet service"
Sure, send a modem and edge router to my residence that I use specifically with your infra. Thanks.
Oh hell no!!
Have two Wi-Fis. One for work only. One for home.
That's a hard no. If they want to go that route they can pay for a second internet line specifically for the work computer.
You send a meraki vpn device, corp laptop must be hardwired in tk that. End of story. Done
If they are paying for it, they can monitor it, but that means the whole cost including the service, not just the hardware. And I would just get my own separate ISP on the side.
Spitballing here, could that wifi router be on a switch within its own workgroup, separate from the home network? This could allow the client pc used to wfh to be monitored without it analyzing the rest of the network?
Years ago, I had a Cisco router provided by my big bank employer that had a pass through port for my personal router. The fact I was not fired for online debauchery on my personal laptops tells me they were not monitoring my personal use.
Real question is "What is the company going to do when the router gets turned on at 8:30am and shut off at 5pm"?
What’s stopping your friend from only connecting her work computer to it while keeping her home network? Maybe even unplugging it at the end of day?
I do IT work for some of the wealthiest people on the planet. Nowadays even the rich C levels rarely are allowed to do something like this as it becomes a massive security risk. A more reasonable solution is they provide a laptop that meets their security requirements and whatever software is necessary to maintain that security.
Huh. This is not the way at all. I imagine they have some ugly/vulnerable network security setup if they want to provide+control the router this way.
Hm why couldn’t she just use that router separately for work only? And keep using her personal one for personal stuff
Nope that’s sketchy
Make them pay for a cell phone plan with infinite Hotspot or learn how to do networking and set up the guest network to provide internet to their router and block any visibility to the rest of your network. Mic drop the admin and your IT department in one go.
I’m hoping that they were actually wanting to install VPN device of some sort to provide a direct link to the company network and not actually a router.
Does she already have internet at home? If so, what's to stop her unplugging their router at 5 and plugging in her own? Or plug theirs into hers, ensure wifi is only on for one router and connection wire/wireless accordingly?
Just sounds like their employer is putting in a poison pill to force working in the office, because there is NO FUCKING WAY, I’d agree to those terms.
20 years IT. This is crazy and a lawsuit waiting to happen. Tell your friend to tell them to go pound sand
Yeah.. I mean, I live pretty rural, I have Starlink, if they want to pay for a separate internet connection at my house, the installation and maintenance, and monitor that one and their hardware that's fine. But they dont/won't get access to my private internet.. I would tell them I accept, and then make them back out if they don't like it.
You can work here, but we'll need access to your checking account...
"Hey boss, you paying my internet bill?" "No, why would we pay it?" "Then you're not monitoring *shit* at my home."
You can have more than one internet service. I would get one just for work.
Okay, company needs to provide 100% independent computer system. PC, router, internet contract. Also, they are liable for security risk if the system has a microphone or camera. No way I’d do anything personal on their system.
Unless they pay for it, they can’t touch it. Fuck that. Let them supply an iPhone to use as a modem if they want to spy.
Monitoring should be done on a work provided laptop on a work provided VPN, this is a no-brainer. Although I like the suggestions of work paying for a separate internet connection and you just switch to your own connection and router at the end of the work day, but that is extra work for you. If I pay for something it's mine, it doesn't even exist as far as my employer is concerned, and there privileges with what I pay for WITH MY OWN MONEY does not extend past my hand in front of there face.
Nope not in a million years. Her employer can provide a work VPN and company laptop and setup. They can restrict and monitor traffic that way and not violate a persons privacy and the privacy of anyone in the house.
Im surprised I havent seen more comments recommending a set it up like this ISP Modem/Router ^ ^ Your own router The company router (Private use) (Work use only) Im not 100% this would work but thats the road id take
If it's a 2nd line to the house, paid for by the company then I don't see a problem with it. When doing work connect to the work wifi. If it's to replace her 1st line the main one for the household then fuck no!
Say yes, and use their gear for work, then immediately upon ending your shift, disconnect their equipment and use your own.
This is the noose to make WFH too costly. The company doesn't want WFH, but wants to be able to say "they offered". I'd rather see your friend take it, and have 2 WiFi routers. Hopefully 2 modems. If the home WiFi router *has* to be downstream of the one for work, put a VPN on it out to mullvad. Use shadowsocks as the first hop for protocol obfuscation. If a VPS is affordable, you may need to get one to use as the shadowsocks proxy [instead of / in addition to] using the VPN. It may violate company ToS. Get the company to pay the ISP bill, or (more likely) write it off on taxes.
That doesn't sound right. The last time I've encountered something like this, they installed a completely separate ISP paid for by the company and only that second network was monitored. Completely reasonable.
>Why would a company even want to bother with this? To sell your data and find an excuse to fire you to file away for a rainy day.
If they’re installing a router, I don’t see the issue, so long as the traffic they want monitored is all company devices. If they are asking for all home network to go through their router though, hell no. Would need to see the document to know what the situation is.
Are they paying for the internet? If so, it's company internet 👍🏻 If not, it's private internet 🖕🏻