cl-nz logo
Story image

How can you overcome the device enrolment nightmare?

23 Mar 2016

The education sector has redefined the way students learn with digital tools. WiFi networks are a must when delivering online curriculums, learning assessments and educational content among students and teachers.

Many mobile devices have been integrated into the student’s learning process, which means schools, Universities and other educational institutions need a WiFi network that can handle a high density of devices with speed and reliability.

Schools of all types face unique challenges in ensuring secure wireless connectivity for a wide range of device and user types. Faced with limited IT staff and new students each term, schools need a way to enable self-service onboarding that can recognise and assign distinct policies for students, devices and for IT-owned vs bring-your-own-devices (BYOD).

Secondary schools and Universities especially are challenged by the proliferation of mobile devices on campus and the increasing demand for online educational content. Students, faculty and staff expect wireless connectivity to be available just as readily and reliably as the lights coming on in a room.

The demand for Gigabit Wi-Fi is being fuelled by the need for wireless bandwidth in and out of the classroom, and the influx of increasingly powerful Wi-Fi devices to access online class material, enable student collaboration, research for student projects and many other online activities on campus.

However, WiFi networks in education continue to be plagued by persistent issues – particularly in regards to password changes and onboarding. Password based networks experience high rates of user disruption based on password changes.

So schools need a solution that is easy to deploy, easy to manage and comes with security in mind. The solution has been available for a long time. It’s certificate-based WiFi, in the form of WPA2-Enterprise with EAP-TLS. Certificates eliminate passwords from WiFi, meaning that passwords are neither cached on devices, nor transmitted on every connection attempt and connectivity continues to function in spite of password changes. Essentially, a device registered once should continue to function throughout the year despite password changes.

However, WPA2-Enterprise was originally designed for environments consisting of managed devices and, therefore, required detailed client configuration to use properly. Setting up the infrastructure requires detailed knowledge, the overheads to support it and the need to manage the lifecycle of the certificates. Schools typically do not have the budgets or the IT resources to manage these enterprise class networks.

Luckily, there are solutions available on the market that leverage WPA2-Enterprise security and provide an automated, self-service model to ensure devices are properly configured and connected to the secure network without IT involvement. Students and teachers can simply be directed to an on-boarding SSID, accept the school policies and a security certificate will be delivered to that device. This simple method significantly reduces the time and complexity of onboarding thousands of students and teachers, as well as any third party ‘guests’, onto a secure wireless network.

By investing in solutions that automatically handle the secure onboarding of devices, schools can save hundreds of hours and dollars. For example, typically it can take 20 minutes to set up and troubleshoot wireless connections. Multiply that one task by 10,000 students and it quickly leads to 200 days of productivity loss for IT and, more importantly, 200 days of learning lost by students. By utilising an automated solution, schools can free up staff to spend more time developing better services for their students, instead of having to constantly fix the password pickle.

If you would like to know more, click here