Re: quick poll please.. unauthenticated wireless

["Parker, Ron" <Ron.Parker () BRAZOSPORT EDU>]

In answer to your questions: 1) We don't allow any unauthenticated access, anywhere, including our conference 
center/corporate training facility. 2) Not encrypted. Users are strongly encouraged to use their VPN client. 3) Same 
network but some minor filtering between it and the main network based on user credentials.


If you are getting pushback from conference facility people, try the following argument: "Imagine this scenario. I get 
a visit from the FBI about a child pornography problem coming from our network. Based on the information the FBI 
provides to me, I try to track down this user and find that it was someone using the conference center wireless 
network. Since the conference center provides unauthenticated wireless access, I have no way of knowing who was using 
the IP address in question. That means that I will have to provide a list of everyone who attended your conference 
events during the time period in question and the FBI will have to question them in order to figure out who engaged in 
this illegal activity."

For our conference facility the compromise we reached was that they have a guest account that they can give to their 
attendees. That account only works in the conference facility. The conference facility staff are responsible for 
changing that password every week and controlling who gets it. It is not impossible for an outsider to get the password 
but it is difficult. This is not our final solution but it is what we can do with the systems we have in place 
currently. We are working on a better guest authentication model that will let them distribute individualized access 
credentials when people sign up for events.

We have a different guest account for general college use. Again, you have to talk to a college employee in order to 
get that password and it changes weekly.

--
Ron Parker, Director of Information Technology, Brazosport College
Voice: (979) 230-3480             FAX: (979) 230-3111
http://www.brazosport.edu


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Barros, 
Jacob
Sent: Tuesday, April 20, 2010 2:26 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] quick poll please.. unauthenticated wireless

Getting kick back about our model of wireless network access and I need a quick poll:

Do you offer unauthenticated wireless for conference facilities?
Is that wireless encrypted?
Is it a completely separate network / just internet access only?

Thanks.

Jacob Barros
Network Administrator
Grace College and Seminary
jkbarros () grace edu
574-372-5100 x6178