Enterprise Wi-Fi: we need devices that are secure by default

Type:

Jour

Authors:

Alberto Bartoli, Eric Medvet, Andrea De Lorenzo, Fabiano Tarlao

In:

Communications of the ACM (CACM)
(rank Q1 in General Computer Science)

Year:

2019

Links and material:

Abstract #

Wireless networks have become an essential component of virtually every enterprise. The security technology for these networks (WPA2 Enterprise) has been designed for a world that is very different from today’s world. Basic assumptions for secure deployment of the technology are now violated systematically. As a result, Wi-Fi enabled personal devices are typically at risk of leaking single sign-on enterprise credentials everywhere and without any need of explicit action from their owners. It is necessary to emphasize this pervasive yet largely underestimated risk.