UGuest wireless network to require access code
An SMS (text message)-capable phone and access code will soon be required to connect to UGuest, which provides visitors to the University of Utah and University of Utah Health with basic, unencrypted wireless internet access.
The requirement, which is in pilot testing, aligns with recent updates to Policy 4-004: Information Security Policy, specifically section D of Rule 4-004A: Acceptable Use:
“All University of Utah client networks must require users to authenticate via password or other secure authentication mechanisms which allows users to be uniquely identified. It is the responsibility of the department or college operating the network to ensure that adequate information is retained to allow the university to respond to lawful requests for information by appropriate law enforcement agencies within a reasonable timeframe.”
The UGuest access code requirement has been vetted and approved by the U’s Architecture & New Technology Committee, Strategic Information Technology Committee, and Academic Senate in consultation with the Information Security Office and Office of General Counsel.
The measure, Chief Information Security Officer Corey Roach said, “strikes a reasonable balance between being good internet citizens and not placing too excessive or intrusive a burden on our users.”
“Like everyone else, I certainly appreciate using technology that has few barriers and provides as much privacy as possible. The university’s UGuest network has been extremely useful in providing internet access to our guests and collaborators,” Roach said. “However, the university also has an obligation to help protect our community and respond to lawful information requests when necessary.”
A go-live date for the UGuest access code requirement is not yet determined. Once a date is selected, pending pilot testing results, the change will be implemented on a rolling basis. Earl Lewis, senior IT project manager, said a detailed schedule will be announced at least two weeks in advance.
Users who attempt to connect to UGuest with their phones, tablets, or desktop/laptop computers will be directed to a webpage where they must enter their mobile device number to request an access code. The access code will then be pushed to their mobile device via SMS message. Users should enter the access code and mobile phone number on the webpage, at which point they may safely close the previous browser window and use the internet.
Once connected to UGuest, users may visit onboard.utah.edu and, if eligible, begin using the university’s other wireless networks, detailed below:
- UConnect is the fastest (5GHz configured) and most secure wireless network at the U. Students, faculty, and staff with a valid uNID login may connect laptops, mobile phones, tablets, and other non-Internet of Things (IoT) devices to UConnect.
- ULink, an IoT-dedicated network for media players, smart TVs, and gaming consoles (e.g., Roku, Chromecast, Apple TVs, PlayStation, and Xbox), launched in 2018 as a way to divert IoT traffic from other U wireless networks, improve security, and discourage the use of personal wireless access points like routers and Mi-Fi/personal hot spots that create network interference.
- eduroam is a roaming wireless service that partners with universities, museums, libraries, public transportation authorities, governments, and other organizations to offer free access to secure Wi-Fi around the world. If eduroam is configured on your device with your U credentials (uNID@utah.edu and password), it should connect automatically when visiting an eduroam partner location.
Because unencrypted networks like UGuest are vulnerable to cyberthreats, Roach strongly urges members of the U community to use a virtual private network (VPN) when accessing university resources through the public internet, such as Windows file shares and private internet protocol (IP)-addressed systems. Please note, university resources that can only be reached from university IP space are not accessible on UGuest.
Lewis seconded Roach’s recommendations, adding, “we really want to make it clear that UGuest is intended only for temporary visitors to campus.”
Because UGuest is rate limited, it provides a slower connection than other U networks. UGuest connection time is also limited to a 7-day period. After seven days, users must request a new access code for their device.
Ray Carsey, manager of UIT Network Services, said UGuest is the least utilized of the university’s four wireless networks. Fewer than 6,000 devices, or less than 10 percent, of all network-connected devices at the university, he said, sign on to UGuest on any given day.
More information about this project will be announced in Node 4 and UIT’s email news service as it becomes available.
Node 4
Our monthly newsletter includes news from UIT and other campus/ University of Utah Health IT organizations, features about UIT employees, IT governance news, and various announcements and updates.