# BYOD In most corporate networks, the conventional method to deliver BYOD connectivity relies on a **captive portal** paired with corporate SSO. Employees use a web-based login process each time they join the network, which is secure and familiar. However, this “as-is” solution comes with several challenges that have become more pronounced over time. One major issue is that modern operating systems increasingly **randomize MAC addresses** to protect user privacy. This MAC rotation forces users to re-enroll every time their device’s identity changes, creating a frustrating cycle of repeated logins and credential revalidation. Additionally, because **each device must undergo its own enrollment process** via the captive portal, the overall user experience suffers when employees carry multiple personal devices. This situation becomes even more complicated for **headless devices**—like medical monitors or IoT sensors—that lack a traditional user interface. Such devices are typically incompatible with captive portal mechanisms, leaving them unable to connect through these conventional means. Moreover, the use of **open networks**, even with captive portals, is no longer acceptable from a security standpoint; organizations today require more robust solutions that ensure every connection is both authenticated and monitored. PPSK offers a transformative alternative that directly addresses these issues. With PPSK, network access is secured through the assignment of unique pre-shared keys that are tied to an individual’s identity during a **one-time enrollment process**. This key can then be used seamlessly across all of an employee’s devices, effectively eliminating the need for repeated re-enrollment—even when MAC addresses rotate. Because the authentication mechanism is based on a pre-shared key rather than a device’s MAC address, it also readily supports **headless devices,** which can now connect without any interface-based challenges. Furthermore, by moving away from a reliance on open or captive portal-based connections, PPSK offers a far more **secure network environment**. The centralized management of keys also means that administrators benefit from enhanced **visibility**, robust **access control**, and detailed **connection logs**, ensuring **accountability** at every step. A significant advantage of this centralized approach is the facilitation of **cross-branch roaming**; employees can move seamlessly between locations without any additional configuration steps, making the network both agile and secure. In summary, transitioning to a PPSK solution not only simplifies the enrollment process—ensuring one-time setup for all devices—but also overcomes the shortcomings of MAC rotation and captive portal limitations. The result is a more secure, user-friendly, and administratively efficient way to manage BYOD in today’s diverse workplace. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cusna.io/solution-guides/byod.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.