I'm hoping someone can ease my mind here and tell me if I'm being a paranoid weirdo, or if this is legitimately strange.
My wife works from home with a company issued laptop. She's a teacher and she's on Zoom with students for hours a day. We've never had any issues with our network over the last three years that she's been a virtual teacher.
There's a new tech support guy at her company who's issued new rules. She had a "tech check up" with him yesterday in which he said he's going to need:
Pictures of our cable modem and routers including serial numbers and MAC addresses.
Pictures of any hardware between the cable modem and routers, including serial numbers and MAC addresses.
Pictures of any hardware between router and company issued laptop, including serial numbers and MAC addresses. This is to include any other personal computers that may be on the same segment of the network.
Is this just good, preemptive tech support and I'm overthinking it?
My first thought was that I am not sending him the info on my own, personally owned cable modem, routers and hardware firewall, so he's getting photos of the old Spectrum equipment they dropped off that's been sitting in the closet for a decade, and we'll just tell him it's a VLAN all to itself(which it is). But after sleeping on it I thought that maybe I'm overreacting.
π©π» Jess "GirlGerms" Dodson :ferdiverified: :donor: reshared this.
Peter Healy
•π©βπ» Jess "GirlGerms" Dodson :ferdiverified: :donor:
•OOF. I've just retooted this into the infosec.exchange instance, so you might see a few more folks chiming in.
100% no. There is absolutely no need, unless they're planning on paying for an upgrade of equipment - and even then, they should only need model numbers, not serials and MACs. I cannot imagine that their security logging is tracking that information and they're filtering based on that, especially if there is a VPN in use.
The idea that this person also wants serials and MACs of other personal devices - there is something dodgy going on here and it's raising serious red flags. This is a HUGE overreach. I would definitely be pushing back and taking it higher - chances are, some folks have already provided what he's asked for.
Tindra
•@girlgerms youβve already gotten good answers. Which is: NOPE
The one thing Iβll add: was this βthe IT guy said verballyβ or βthe IT guy shared a real, approved policyβ?
If the former, start by asking for the latter. If the latter? Uh, Iβd start researching local labor laws. And possibly prospective employers.
Cat πββ¬π°οΈβ
•Tindra
•Cat πββ¬π°οΈβ
•Tindra
•silverwizard
A Concerned Scientist likes this.
π©βπ» Jess "GirlGerms" Dodson :ferdiverified: :donor: