Is it normal for companies to ask for an IP address to whitelist you?

[Lysander]

My wife works for a translation firm and one of their clients has set up a testing environment. They have asked for our IP to whitelist her for the job.

Is this normal? Shouldn't they just set up a portal with a login?

 

[Semple]

If it's a resource that's hosted on aws/azure then it's a good way of protecting it. We've just done that for a load of our virtual dev systems as someone had noticed there were a lot of attempted logins.

 

[GravyMonster]

Yeah, nothing out of the ordinary for dev/staging environments.

 

[iamtheoneneo]

Yes its normal in my job. Only those with the IP can get into the server environment..and the list is kept very small.

 

[Lysander]

OK thank you very much, all.

 

[fez]

I'll add another yes.

 

[Quartz]

They have asked for our IP to whitelist her for the job.

Do you get a static IP address from your ISP? If not then be aware that your IP address could change. So ask your ISP how much extra a static IP will cost and get your wife's employer to fund it.

 

[peterwalkley]

Do you get a static IP address from your ISP? If not then be aware that your IP address could change. So ask your ISP how much extra a static IP will cost and get your wife's employer to fund it.

They don't change that often. Usually you need to have switched off your cable modem for a good few hours before the IP address gets recycled to another ISP customer. In this case its likely not worth the hassle as it sounds like a short-term assignment. Static IP is usually treated as a business connection and likely disproportionately expensive for what the OP's missus needs.

To answer the OP: I'll add a yes too. The client is being careful about security which is a very good sign of competence.

 

[Quartz]

Usually. But it’s something about which the OP and their employer should be aware. And it may be that the ISP does not charge much. It doesn’t hurt to ask.

 

[Sirrel Squirrel]

I work in this area too and it is completely normal.

 

[Ayahuasca]

Pretty normal.

 

[Rroff]

Completely normal if something potentially sensitive is exposed to the web (certain ISO compliance IIRC even mandates it).

EDIT: I'm surprised the company doesn't have something in place though i.e. VPN.

They don't change that often. Usually you need to have switched off your cable modem for a good few hours before the IP address gets recycled to another ISP customer.

Varies a lot ISP/setup to ISP/setup though - my BT connection can go a whole year - I think even 18 months once with the same IP, while my 4G (using Router) changes every time it reconnects (probably due to CGNAT) and when I had a VM connection for awhile that was very hit and miss.

 

[mattyfez]

Connecting to the 'company' VPN would be the more professional way of doing it, but if they've not got a VPN I guess this is the next best thing.

 

[mattyfez]

Do you get a static IP address from your ISP? If not then be aware that your IP address could change. So ask your ISP how much extra a static IP will cost and get your wife's employer to fund it.

In this instance it would be easier (read cheaper) for the company to get you ring up IT to whitlelist your new IP, and delete the old one if/when it changes. it's a 3 min job.

 

[touch]

I have a static IP address on my residential broadband from Vodafone. It was an easy 10 minute call to ask them to set it up and it didn't cost me anything extra.

 

[peterwalkley]

Completely normal if something potentially sensitive is exposed to the web (certain ISO compliance IIRC even mandates it).

EDIT: I'm surprised the company doesn't have something in place though i.e. VPN.



Varies a lot ISP/setup to ISP/setup though - my BT connection can go a whole year - I think even 18 months once with the same IP, while my 4G (using Router) changes every time it reconnects (probably due to CGNAT) and when I had a VM connection for awhile that was very hit and miss.

You're right. I should have said days, not hours - I was conflating two unrelated things in my mind (male scoring null points at multi-tasking...).

Last time I spoke at this level (I work with ISPs and Telcos), a typical lease time in their DHCP server would be 7 days, so you'd need to be offline long enough for that to have expired AND the server needing to re-use it for another customer. If your device is online when the lease expires it just gets renewed for another 7 (or whatever) days.

 

[Rroff]

You're right. I should have said days, not hours - I was conflating two unrelated things in my mind (male scoring null points at multi-tasking...).

Last time I spoke at this level (I work with ISPs and Telcos), a typical lease time in their DHCP server would be 7 days, so you'd need to be offline long enough for that to have expired AND the server needing to re-use it for another customer. If your device is online when the lease expires it just gets renewed for another 7 (or whatever) days.

Wasn't correcting you as such - just expanding on it - while a lot of broadband connections tend to hold the lease over short interruptions an increasing number of people are using 4G and WiFi, etc. connections where it will highly depend and some ISPs are better at it than others.

 

[peterwalkley]

Wasn't correcting you as such - just expanding on it - while a lot of broadband connections tend to hold the lease over short interruptions an increasing number of people are using 4G and WiFi, etc. connections where it will highly depend and some ISPs are better at it than others.

No offence taken - I was mostly correcting myself when I realised from your post my numbers were out And I'll stfu now as this is totally irrelevant to the thread.

 

[goldy6660]

When I worked with a translation tool it was an option to whitelist ips but we went with just open. It wasn't risky customer facing product so was ok