Re: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Jonathan Waldrep
On 2021-04-22 15:03:42-0500, Coehoorn, Joel wrote: > One other thing to keep in mind when considering an open access > environment is it's only the default and doesn't have to be the final > word. If you see a suspicious or malicious device, you can still force > it back behind a captive portal to

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Jeffrey D. Sessler
Chuck, The key that you touch on is that this has to do with the organization's appetite for risk, and what legal says is defensible. Tell me the rules as you see them and I'll make adjustments accordingly to my Joo Janta 200 Super-Chromatic Peril Sensitive Sunglasses. Jeff From: The

Re: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Coehoorn, Joel
One other thing to keep in mind when considering an open access environment is it's only the default and doesn't have to be the final word. If you see a suspicious or malicious device, you can still force it back behind a captive portal to get or re-up whatever user info you want before granting

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Enfield, Chuck
I agree. I've been involved with decisions where we ask lawyers what we should do, and we get the easiest, low-risk answer. We should decide what we'd like to do, then ask lawyers how best to do it and what the remaining risks are. All business decisions should be based on risk and reward.

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Floyd, Brad
We as IT people can discuss the merits of captive portal / no captive portal, authentication / reasonably knowing if a device is doing something bad, etc. We are asked all of the time what our recommendations are in these circumstances and we should weigh in with our opinions. However, it seems

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Enfield, Chuck
We discussed all those issues, and no doubt it opens a smelly can of worms. Most of these issues come into play simply by allowing employees to use personal devices. If you allow for personal device use, requiring their use didn't create many additional legal issues. I feel like I need to

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Jeffrey D. Sessler
For sure, my lens is based on California law, however, the federal Fair Labor Standards Act and state overtime and wage payment laws also come into play here. Since nonexempt (hourly) workers have ready access to the technology, they will be in a position to respond to e-mails and text

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Enfield, Chuck
Jeff, It makes sense that you think this is settled law, because in California it is settled law. I don't recall all the details, but I was on a team involved with considering mobile device policies for Penn State, and we discussed a case in California around 2014/2015 that clarified

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Lee H Badman
FWIW, I'm finding all of this very interesting and informative. Lee Badman | Network Architect (CWNE#200) Information Technology Services (NDD Group) 206 Machinery Hall 120 Smith Drive Syracuse, New York 13244 t 315.443.3003 e lhbad...@syr.edu w its.syr.edu Campus

Re: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Tim Cappalli
Don't remember saying anything about employees being forced to do anything... We're so far off topic at this point. I'm done. From: The EDUCAUSE Wireless Issues Community Group Listserv on behalf of Jeffrey D. Sessler Sent: Thursday, April 22, 2021 1:05:35 PM

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Jeffrey D. Sessler
Tim, I would take a look at case law, where it was determined that an employer can not expect an employee to use their own device without compensation. This has resulted in two scenarios now. The first being that the employer provides the employee with a stipend to compensate them for use of

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Anderson, Chuck
Company-owned devices don't always have the opportunity to be onboarded by staff before the device gets into the hands of the end user, especially in this current environment where everything is drop-shipped from the vendor or service provider and never even touches corporate headquarters.

Re: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Tim Cappalli
Well, I can tell you that is just not the reality. Sorry! From: The EDUCAUSE Wireless Issues Community Group Listserv on behalf of Jeffrey D. Sessler Sent: Thursday, April 22, 2021 12:04 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN]

RE: WPA3/OWE as campus solution?

2021-04-22 Thread Jeffrey D. Sessler
My experience may be different that others, but with tools like netflow, SIEM, location, and other assurance tools, a operator of a network service generally has a pretty good picture of what’s happening, and can rapidly pinpoint problematic devices. These tools also allow for rapid

RE: [WIRELESS-LAN] WPA3/OWE as campus solution?

2021-04-22 Thread Jeffrey D. Sessler
On 2021-04-21 21:30:53+, Tim Cappalli wrote: > I'd also like to address the comment about post-college experience. > > Most organizations these students are going to work at are going to > require MDM or MAM on their personal devices. So I fundamentally > disagree with the comment that