Skip to content

Wi-Fi Connection

Remote device permission policies can be configured for public Wi-Fi connectivity. These policies allow you to block access to public Wi-Fi networks for specific devices or groups of devices. Policies can be applied to Windows and macOS devices.

Public Wi-Fi networks

Public Wi-Fi networks, found in places like coffee shops, airports, and hotels offer convenient internet access for users on the go. However, they come with significant security vulnerabilities. Connecting to public Wi-Fi can expose your sensitive data to potential threats as these networks are often unsecured and easily targeted by cybercriminals. It's crucial to exercise caution and take appropriate measures to protect your privacy and security when using public Wi-Fi.

Blocking public Wi-Fi access on a device provides the following benefits:

  • Enhanced security
  • Protection for data privacy
  • Minimize exposure to threats

Wi-Fi connectivity policies

Coro offers two Wi-Fi connectivity policies:

  1. Allow connection to all encrypting networks: Blocks access to all public Wi-Fi networks, and only allows access to WPA+ (WPA and higher) networks.
  2. Allow connection to specific connections: Blocks access to all public Wi-Fi networks. Only networks with specific SSIDs (the unique names assigned to wireless networks) are allowed.

Note

If no policy is applied to a device, that device has no restrictions on Wi-Fi connectivity.

Configuring Wi-Fi connectivity policies

To configure a new public Wi-Fi blocking policy:

  1. From the Device Posture tab, select + ADD.

    Add new device posture policy

  2. Select the device operating system to which the new policy will be added (Add to macOS or Add to Windows).

    The Add new device policy dialog is displayed.

  3. Select Wi-Fi Connection from the Select policy type dropdown:

    Wi-Fi policy attributes

  4. Select a Connection option, see Wi-Fi connectivity policies.

  5. Enter label names (predefined or custom) to the Labels field listed under Apply policy to devices with these labels to apply the new policy to specific groups of devices.

    Apply the device posture policy to groups of devices

  6. Select SAVE to save your new policy with the configured settings.

    The policy is created.

The policy can be viewed by selecting the dropdown next to Wi-Fi Connection on the Device Posture tab. See Device posture.

The following policy details are displayed:

  • Device labels applicable to the policy.

  • If Allow connection to specific connections was selected, the number of Wi-Fi networks allowed by the policy is displayed:

    Wi-Fi policy applicable to specified networks.

  • if Allow connection to all encrypting networks was selected, Encrypted is displayed:

    Wi-Fi policy applicable to all encrypted networks.

Policy enforcement

After the policy is configured and you attempt to connect to a public Wi-Fi, the connection attempt fails and a Forbidden Wi-Fi Connection ticket is created which is auto-closed, and no actions are available.
Forbidden Wi-Fi Connection ticket.

Additionally, an entry is created in the Activity Log for the specific device:

Wi-Fi connection failure in the Activity log.

The Coro Agent UI displays the following notification: Coro Agent notification.

Additionally, the Coro Agent displays a pop-up notification: Coro Agent pop-up notification.