Daily Buzz: Tell Your Employees to Check Their Router’s Firmware Security
A new report shows that home routers are affected by hundreds of security vulnerabilities. Also: Your onboarding program should benefit members first.
Want to protect your remote employees from cyberattacks? Tell them to check their home routers, which could be leaving them vulnerable.
ZDNet reports that Germany’s Fraunhofer Institute for Communication (FKIE) carried out a study involving 127 home routers from seven brands—Netgear, ASUS, AVM, D-Link, Linksys, TP-Link, and Zyxel—to check for the presence of known security vulnerabilities in the latest firmware.
The results? Appalling, writes ZDNet’s Liam Tung. The study found that 46 routers hadn’t gotten a single security update within the past year and that many routers are affected by hundreds of known vulnerabilities. About 90 percent of the routers in the study used a Linux operating system, but manufacturers weren’t updating the OS with fixes made available from Linux kernel maintainers.
On top of that, the study found that vendors who are shipping firmware updates are doing so without fixing known vulnerabilities, meaning even consumers who install the latest firmware are not safe.
“The bottom line … is that you should research [manufacturers] before purchasing your next router, and see what their track record is like with respect to security updates and firmware upgrades,” says Brandon Hill on HotHardware. “Don’t let attractive pricing take your eye off the ball.”
FKIE assessed that ASUS, Netgear, and particularly AVM do a better job on some aspects of securing routers than D-Link, Linksys, TP-Link, and Zyxel, but urged the industry to do more to keep users safe.
“To sum it up, much more effort is needed to make home routers as secure as current desktop or server systems,” the report says.
Focus on the Member Experience First
Ready to onboard new members and employees? Don’t bombard them with paperwork and protocols right off the bat, suggests Smooth the Path’s Amanda Kaiser.
“If your association’s onboarding process is administratively focused, it is time for a change,” she says. “What do your new members need to know today? What problems are they struggling with that you have the solution to? How can you show them that they have just entered a large community of like-minded peers?”
Build your onboarding programs around what members need, not what the association needs.
Other Links of Note
The key to effective nonprofit video engagement is eliciting emotions in the audience, argues a recent post from Nonprofit Tech for Good.
Remote work has opened up more opportunities for cyberattacks. TechSoup identifies multiple ways your nonprofit can improve remote security.
What will successful leaders of the future have in common? They’ll focus on three key adjectives: inclusive, interpersonal, and representative, says Ulysses Smith on Quartz at Work.
(deepblue4you/E+/Getty Images Plus)