IVYStudent WiFi

Are we secure yet?

The statewide student WiFi network at Ivy Tech in not encrypted, putting students at risk:

IVYStudent WiFi - UR0278410

Ticket from unnamed Cybersecurity student:

Helpdesk, please assign this ticket to Systems Office Information Security.

My concern is the fact that the IVYStudent WiFi network is an open (unencrypted) network that uses a captive > portal for authentication. The authentication piece is secure, as it uses HTTPS, however the regular TCP/IP traffic that students send to other sites while using the IVYStudent network is left unencrypted and unprotected.

Everything from DHCP to DNS to HTTP and more is not encrypted and is visible to anyone sniffing the network. The IVYStaff WiFi has solved this security problem by utilizing WPA2-Enterprise encryption, which is the gold standard for WiFi security. I think Ivy Tech students deserve encryption on student WiFi too. The Juniper equipment would support WPA2-Enerprise on IVYStudent if Ivy Tech opted to enable it.

I have brought my concerns to the Bloomington Student Government and Chancellor and local OIT with no results thus far. I keep getting told that IVYStudent is fully encrypted and secure. Therefore, I am escalating my concerns.

I fully understand that this cannot be solved immediately. All I ask is that you communicate the current encryption status (or lack thereof) of IVYStudent WiFI to College leadership so that they may make an informed risk assessment, Right now none of them seem to know it’s an issue or understand the concepts. Thanks for you attention to this! [name redacted]

Reply from Amy Liter, Executive Director IT Operations at Ivy Tech Systems Office

Resolution Notes: Hi Kevin! Thank you for your curiosity of our IVYStudent wireless network setup. We understand there are differences between IVYStudent and IVYStaff and it is not a result of a lesser concern for our students. We are a large institution that requires finding a middle ground that provides a level of security without creating barriers for our large student base. IVYStudent is not encrypted by design. It’s an open broadcast SSID with a secure captive portal that only allows access to the internet. Students possess a very wide and diverse array of equipment and operating systems. Not all devices support the same wireless standards or support the same root certificate libraries that are required to validate modern certificates. Keep in mind that all Ivy Tech web sites and resources are encrypted via HTTPS. It is every student’s responsibility to know if a website they are visiting is secure or not.

Site last updated 2025-06-06 This site is 100% the opionion of its author and is in no way affilated with Ivy Tech Community College.