I've recently started working at a managed services provider (MSP), and I've noticed that we have a lot of outdated DrayTek routers for our clients—about 30 of them haven't been updated since 2016! The rest are on more recent builds, but it worries me that many are older than 2023. I've been learning about hardening security, and this is a big concern for me now. However, my colleagues don't seem to care about this issue, and my company is too frugal to invest in automated solutions for monitoring or updating these devices. With limited hours to work (9 to 5), out-of-hours updates seem like the only option. What should I do or suggest to address this problem, and what's the best strategy for getting these routers updated?
5 Answers
I’d suggest getting those routers scanned for vulnerabilities. If you can show your team the risks involved with not updating them, it might press the right buttons and get them to act. Sometimes, numbers and facts can motivate even the most stubborn people to take action.
You could try building a simple scraper to monitor the firmware versions of your DrayTek routers. I did something similar in a previous job to track DSL quality and disconnect events. With some basic coding, you can automate the process of checking their versions and flagging outdated ones.
Sounds like your MSP is pretty disorganized if they don’t even track who’s logged into each router! Setting things to auto-update during maintenance hours would help a lot, but someone needs to take ownership of that process.
Honestly, this is why I wouldn’t want to be in a position like yours. Updates seem like a minor task, but they can cause major issues, so most MSPs ignore it. It’s frustrating because clients think they’re covered when in fact, they might not be informed about the risks. You should definitely put this in writing to the higher-ups, but don’t expect much change. Just keep records of your suggestions in case anything goes wrong later on.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures