Insecure Wi-Fi

MaaS360 monitors devices that connect to a Wi-Fi network and initiates a remediate action if the network is insecure.

Insecure Wi-Fi networks are networks that you can access without a password or other types of authentication. These networks use older security standards (WEP or TKIP) and weak data encryption. When you connect to insecure networks, your data is transmitted without encryption where hackers can intercept unencrypted information to distribute malware or steal sensitive information such as login credentials and banking details.

MaaS360 identifies an insecure Wi-Fi network based on encryption level and the security standard of that network. When an insecure Wi-Fi connection is detected, MaaS360 initiates a remediation action to notify users about the insecure connection.

Supported devices:
  • Android
Requirements
  • Users must enable the Location service and grant the Location permission to the MaaS360 app to allow MaaS360 to verify Wi-Fi security status on the device.

Deploying endpoint security policies

Policy configuration

You must configure and push EPS policies to detect insecure Wi-Fi connections and initiate remediation actions on managed devices.

Follow these steps to configure Device Security settings:

  1. From the MaaS360 Portal Home page, navigate to Security > Policies.
  2. Open an EPS policy and then click Device Security.
  3. Click Edit.
  4. Configure the following settings:
    Setting Description Supported OS
    Track devices connecting to insecure Wi-Fi MaaS360 enables Device Security on devices to track devices that connect to insecure Wi-Fi networks. iOS, Android
    Remediation action for devices connecting to insecure Wi-Fi Select one of the following actions:
    • Notify user: MaaS360 sends a notification to the user about the insecure Wi-Fi connection.
    • No action: No remediation action is taken on devices.
    Android
    Trusted Wi-Fi SSIDs The list of SSIDs that are exempt from insecure Wi-Fi detection scans. You must configure the trusted SSIDs to avoid device resource drain. Android

Policy assignments

You must assign endpoint security policies to a device, user, device group, or user group from the corresponding workflows. For more information about policy assignments, see Configuring endpoint security policies.

Configuring risk rules

When an insecure Wi-Fi connection is detected, MaaS360 creates a risk incident and then validates that risk incident against the risk rule to calculate the severity and risk score for devices and users. By default, the risk rule for insecure Wi-Fi connection is enabled in the MaaS360 Portal. You can use the Risk Rule Configurator to disable the risk rule or adjust the severity.
Note: This risk applies to Android and iOS devices only.
Follow these steps to configure risk rules for insecure Wi-Fi connection:
  1. From the MaaS360 Portal Home page, navigate to Security > Security Management > Risk Rule Configurator.

  2. Configure the following settings:
    Risk rules
    • Insecure Wi-Fi

    Condition: Define the severity based on the number of instances a device connects to an insecure Wi-Fi network.

    Default Condition
    If the number of times a device connects to an insecure Wi-Fi network is ... Then the severity is ...
    Greater than 5 High
    Between 3 and 4 Medium
    Less than or equal to 2 Low

What happens when insecure Wi-Fi connections are detected on the device?

MaaS360 supports the following detection and response capabilities for insecure Wi-Fi:
  • Generates an alert about the insecure Wi-Fi connection to users in real-time.
    Insecure notification users
  • Updates the security status of the device in the Security app.
    Insecure Wi-Fi detection
  • Displays the list of insecure Wi-Fi connections in the Security app. Users can use the Security app to disconnect insecure Wi-Fi connections.
    Insecure Wi-Fi connection disconnect
Note: MaaS360 cannot verify the security status of the Wi-Fi connection if users did not enable the Location service and grant the Location permission to the MaaS360 app. MaaS360 displays the following screens in the Security app to obtain the user's consent for those permissions.
     
Wi-Fi Location Access Wi-Fi Location Access Wi-Fi Location Access

Tracking insecure Wi-Fi incidents on the Security Dashboard

Devices report insecure Wi-Fi incidents to the MaaS360 Portal in real-time. If those incidents meet the Risk Rule criteria set by administrators, MaaS360 generates a risk incident in the dashboard.

Follow these steps to track security violations and incidents on the Security Dashboard:
  1. Go to Security > Security Dashboard.
  2. In the Top risk incidents widget, click the Affected devices link:
    Insecure Wi-Fi dashboard
    The affected devices are displayed.
    Insecure wifi dashboard
  3. Click on the username. The User Summary page displays all the risk incidents against the affected device.
    Insecure wifi dashboard
  4. Click Insecure Wi-Fi to view more details about that risk incident.
    Insecure Wi-Fi dashboard

For more information about other common widgets on the Security Dashboard, see Tracking security events on the Security Dashboard.