How to Setup a Managed Access Program for BYOD Devices – Part 4

When deciding how to manage BYOD devices on your school network, many challenges come to mind. We’ve spoken over the last couple of weeks about setting up captive portals and using a dedicated Wi-Fi network, but both solutions come with several technical considerations that may present problems that cannot be overcome by solution architecture alone. 

  • How do we ensure the appropriate student filtering policy is applied, if at all?
  • Can we still decrypt SSL traffic to maintain maximum visibility into Internet activity?
  • How much work will this be?

With BYOD devices, there is no perfect solution, since the IT department doesn’t own the asset it’s trying to protect. But given the options that we’ve presented, there are still things you can do to maintain control over your network. In this final BYOD post, we’d like to make some suggestions for how to handle BYOD devices when a dedicated Wi-Fi network or captive portal solution just won’t fit. 

What is a Managed Internet Access program? 

Managed Internet Access refers to a hands-on approach to handling BYOD devices on your school network. It involves an active outreach program to your student population, informing them of the requirements they need to adhere to in order to access the school network. Ultimately, this means that IT staff will need to actively setup the student’s device which may involve the following: 

  • Installing an SSL certificate to ensure HTTPS websites can still be tracked at the URL level.
  • Entering your Wi-Fi password so that it is not given out to the public.
  • Installing a Netsweeper“safe browser” that applies Netsweeper filtering policy on the student device. 

While this approach to handling BYOD devices may not work in all situations, it’s another option for allowing and managing BYOD devices on the school network. The Netsweeper technical support team ( is happy to assist if this is an option you’d like to explore.