New Process for Quarantining Compromised Devices

The Office of the Chief Information Officer’s Networking and Enterprise Security teams are collaborating to modify how devices compromised by malware and other security threats are suspended from OCIO’s wireless networks. Affected networks include osuwireless, WiFi@OSU and eduroam.

Previously, Ohio State accounts were prevented from authenticating on osuwireless and eduroam from any device regardless of which device had been compromised.

Now, a user’s entire account will no longer be suspended from authenticating on OCIO’s wireless networks when a security threat is detected on one of his or her devices. The compromised device will be quarantined, but the user will still be able to connect to wireless on other devices while waiting to resolve the issue. In order to enhance university security, this change will also apply to guests using WiFi@OSU or eduroam.

When a user’s device is quarantined, he or she will receive an email with detailed information as to what device was quarantined and why, as well as a request to contact the IT Service Desk to resolve the issue. Any attempts to authenticate to wireless on the compromised device will be re-directed to a captive portal also asking the user to contact the IT Service Desk.

After the user has contacted the IT Service Desk and resolved the issue, his or her device will be reinstated and he or she will once again be able to connect to the wireless networks on that device. The suspension will also be deactivated if 30 days have passed.

Please note that existing processes may still suspend a user’s access, and there may special cases where a user’s entire account is suspended, not just the affected device.

Questions regarding this process improvement should be directed to the IT Service Desk at 614-688-HELP (4357) or 8help@osu.edu.