Insecure Wi-Fi
IBM® MaaS360® monitors devices that connect to a Wi-Fi network and initiates a remediating action if the network is insecure.
Insecure Wi-Fi networks are networks that you can access without a password or other types of authentication. These networks use older security standards (WEP or TKIP) and weak data encryption. When you connect to insecure networks, your data is transmitted without encryption where hackers can intercept unencrypted information to distribute malware or steal sensitive information such as login credentials and banking details.
IBM MaaS360 identifies an insecure Wi-Fi network based on encryption level and the security standard of that network. When an insecure Wi-Fi connection is detected, MaaS360 initiates a remediation action to notify users about the insecure connection.
- Android
- Users must enable the Location service and grant the Location permission to the MaaS360 app to enable IBM MaaS360 to verify Wi-Fi security status on the device.
Deploying endpoint security policies
Policy configuration
Configure and push EPS policies to detect insecure Wi-Fi connections and initiate remediation actions on managed devices.
Follow the steps to configure Device Security settings.
- From the IBM MaaS360 Portal home page, go to .
- Open an EPS policy and then click Device Security.
- Click Edit.
- Configure the following settings.
Setting Description Supported OS Track devices connecting to insecure Wi-Fi MaaS360 enables Device Security on devices to track devices that connect to insecure Wi-Fi networks. iOS, Android Remediation action for devices connecting to insecure Wi-Fi Select one of the following actions: - Notify user sends a notification to the user about the insecure Wi-Fi connection.
- No action does not perform any remediation action on the devices.
Android Trusted Wi-Fi SSIDs The list of SSIDs that are exempt from insecure Wi-Fi detection scans. Configure the trusted SSIDs to avoid device resource drain. Android
Policy assignments
Assign endpoint security policies to a device, user, device group, or user group from the corresponding workflow. For more information about policy assignments, see Configuring endpoint security policies.
Configuring risk rules
-
From the IBM MaaS360 Portal home page, go to .
- Configure the following settings.Risk rules
- Insecure Wi-Fi
Condition: Define the severity based on the number of instances a device connects to an insecure Wi-Fi network.
Default ConditionIf the number of times a device connects to an insecure Wi-Fi network is ... Then the severity is ... Greater than 5 High Between 3 and 4 Medium Less than or equal to 2 Low
What happens when insecure Wi-Fi connections are detected on the device?
- Generates real-time alerts: Users receive notifications about insecure Wi-Fi connections on their device. These notifications typically appear on the device notification center.
- Updates the security status: The device security status is reflected in the . This status is indicated by a color-coded icon or a clear message.
- List of insecure Wi-Fi connections is displayed in the tab.
- Users can use the Security app to disconnect insecure Wi-Fi connections.
Tracking insecure Wi-Fi incidents on the Security Dashboard
Devices report insecure Wi-Fi incidents to the MaaS360 Portal in real-time. If those incidents meet the Risk Rule criteria set by administrators, MaaS360 generates a risk incident in the dashboard.
- Go to .
- In the Top risk incidents widget, click the Affected devices numbered link. The affected devices with details are displayed.
- Click the username. The User Summary page displays all the risk incidents against the affected device.
- Click Insecure Wi-Fi to view more details about that risk incident. This risk rule applies to Android and iOS devices only.
For more information about other common widgets on the Security Dashboard, see Tracking security events on the Security Dashboard.