Webinar: Learn how to improve WFH security in our Sept. 29 webinar with a former General Electric CIO & an industry analyst Register today

Microsoft WiFi Sense Hurts WiFi Security




Note: WiFi Sense was a new feature built into the first Windows 10 update in 2015. However, in the Summer of 2016 this feature was disabled in the Windows 10 Anniversary update.

Blair Hanley Frank recently penned an article about Microsoft’s inclusion of its WiFi sense functionality into Windows 10. WiFi sense enables friends and colleagues to share their WiFi access. Users simply share their WiFi network access to their contacts, which could potentially include all of their Facebook friends.

WiFi Sense and Security

WiFi Sense a Security feature?

Perplexingly, Microsoft is claiming that this feature is actually a security feature. The idea is that by letting the computers share the WiFi access, you don’t need to actually share the passphrase. Furthermore, Microsoft is claiming that anybody that receives this shared access will only be able to access the Internet and not other resources on the network. It’s unclear what safeguards Microsoft puts in place around this, but an enterprising hacker may be able to circumvent them, so placing that responsibility in the client is a gamble. Network access should be controlled in the infrastructure, instead of placing that trust in the server.

The problem with this functionality is that users may inadvertently share access to their company’s network. If sharing isn’t explicitly turned off for all of your employees, you just don’t know where your access has been transferred. While those users who have the shared credentials may not have the explicit passwords, they still will know that they can access a network. As an IT admin, this is the type of risk that will keep you up at night. Controlling who has access to your network is a fundamental part of the job.

Keep Your WiFi Network Protected

Guard against WiFi Sense with RADIUS-as-a-Service

JumpCloud’s Directory-as-a-Service solution resolves the open security hole that Microsoft’s WiFi Sense creates through the implementation in Windows 10.

With JumpCloud, there’s no passphrase to share through WiFi Sense, each login is authenticated to a specific username and password. That means that you still can control access to your network on a user-by-user basis, without the heavy lifting. Most importantly, Microsoft’s functionality doesn’t do an end run around your network controls.

If you’re an IT admin, your favorite part may be that you no longer need to worry about training your users not to share their network accounts via WiFi Sense. You simply leverage JumpCloud’s cloud-based directory service with RADIUS integration to provide control over each user’s access.

To learn more how JumpCloud protects you from the Microsoft’s WiFi Sense functionality, drop us a note. We also encourage you to sign up for a free account. Your first 10 users are free forever.


Recent Posts
With the major macOS update coming this fall, IT admins need an Apple MDM to manage their Big Sur Macs. You can find one here for free.

Blog

Free Apple MDM

With the major macOS update coming this fall, IT admins need an Apple MDM to manage their Big Sur Macs. You can find one here for free.

Many IT admins signed-up for G Suite and were able to rid themselves of the pain of Microsoft Exchange, but they’re still holding on to AD.

Blog

Using G Suite and Active Directory? There’s a better way.

Many IT admins signed-up for G Suite and were able to rid themselves of the pain of Microsoft Exchange, but they’re still holding on to AD.

IT Manager Justin Price joined a recent JumpCloud Office Hours panel to share his journey to implement his company’s first directory platform.

Blog

Office Hours Recap: Talking Favorite Features and More With Justin Price

IT Manager Justin Price joined a recent JumpCloud Office Hours panel to share his journey to implement his company’s first directory platform.