Join InCommon

07
Oct.
2024

IAM Online Community

Speaker Spotlight: 7 Things You Should Do to Improve Your User’s Security on eduroam

Share

Array

Estimated reading time: 5 minutes

By: Jean Chorazyczewski, InCommon Academy Director

IAM Online: October 2024 Speaker Spotlight Article

eduroam was started to enable roaming access for researchers. It has since evolved to serve as a standard configuration approach for wireless access in education and research and network trust and privacy have become paramount.

On Wednesday, Oct. 16, 2024, at 1 p.m. ET, join Margaret Cullen and Josh Howlett from the eduroam US operations team for a deep dive into practical strategies that can enhance your eduroam deployment’s security. They’ll share how to implement simple changes that reduce data leaks, promote privacy-preserving user behavior, and make it easier for eduroamers to connect seamlessly to your hotspot.

Derek Eiler, principal systems engineer at the Nevada System of Higher Education and eduroam Advisory Committee member, will moderate the webinar.

Margaret Cullen posing for a profile picture.
Margaret Cullen
Josh Howlett posing for a profile picture.
Josh Howlett

The eduroam Advisory Committee is working to introduce new Baseline Expectations, and this webinar offers a timely opportunity to get ahead of the curve.

In anticipation of the event, we spoke with the speakers to get their insights on the importance of eduroam security and the challenges organizations face in maintaining it. Here’s a preview of Josh’s thoughts:

Q: Why is improving eduroam security and performance an important topic for higher education institutions right now?


Eduroam has outgrown its roots as a convenience for visitors. Increasingly, it’s how all users – and not just visitors and mobile users – get connected. As a core part of the campus and student experience, it’s essential that institutions think about their eduroam provision as they would any other mission critical service. 

What was “good enough” five years ago may no longer be sufficient for a service that so much of the university’s activities depend on. Security and performance are key properties of any important service, and that includes eduroam.

Q: What are some common challenges institutions face when trying to enhance the security of their eduroam network?


Enterprise WiFi solutions are designed for deployment within the context of a single organization. This means they make assumptions that might not be appropriate for eduroam. 

Because eduroam is based on standards-based technologies, all these enterprise wireless products can work with eduroam. However, these assumptions can lead to configuration choices that might not be optimal for performance or security. 

Unfortunately, the technology is complex, and the issues can be subtle. This makes it hard for institutions to be confident they’re making the correct deployment and configuration choices.

Q: What advice would you offer to institutions looking to fine-tune their eduroam setup and improve its security?


It’s a great idea to talk to your peers, as they may have valuable experience and information, particularly if you’re using the same vendor(s). InCommon has a mailing list for eduroam administrators where you can pose questions and connect with others. If you’re not already subscribed, visit eduroam admins where you can subscribe directly to the list.

The Internet2 eduroam team also provides technical support. We’re always delighted to talk to institutions looking for advice and guidance. This is particularly true for performance and security issues because these can impact other institutions — not just your own.

Q: What advice would you offer to your peers about approaching the implementation of eduroam at scale?


It is possible to deploy eduroam at a small scale with few new resources. That’s because these deployments simply reuse systems (such as an existing wireless LAN controller or a RADIUS server) already being used for other services. This is where almost everyone starts out.

It is a great way to gain some early operational experience, but operating eduroam at scale, like any important service, requires careful planning and resourcing. There’s obviously infrastructure capacity to consider, but there are other non-technical issues that are just as important. 

How are you going to onboard and support thousands of users? What should be logged, and how long should you retain this? Does your network Acceptable Use Policy consider this style of access? Do you want to consolidate all WiFi access on the eduroam SSID, or broadcast multiple SSIDs?

As before, the best idea is to connect with your peers and the Internet2 eduroam team. Let their hard-won experience do the heavy lifting for you!

Q: What do you hope attendees will learn from your presentation about enhancing privacy and security in their eduroam deployments?


We often hear the same questions and concerns from institutions; many of these are addressed by this presentation. I hope we can explain the issues and offer solutions to these recurring questions so attendees can fine-tune their deployments with confidence.

Join Us for IAM Online

This webinar promises to be a valuable session for anyone looking to enhance their eduroam network. Be sure to register and join us for insights and practical tips that will help you take your network’s security to the next level. 

Please join us online for “7 Things You Should Do to Improve Your User’s Security on eduroam” on Wednesday, Oct. 16, 2024, at 1:00 p.m. ET.

  • Have you already registered for IAM Online in the last year? You will automatically receive Zoom coordinates for current and future IAM Online webinars—you only need to register once.
  • Yet to attend an IAM Online webinar? Register today for free!
  • Webinar details will be emailed directly to all registrants on the morning of the event.
  • Do you have ideas for IAM Webinars you would like to watch? Fill out this form and let us know what you’d like to see.

Register Today

© Copyright 2024 InCommon.

Site Design by FIREANT STUDIO