Zero trust is hardest to enforce on the devices that move. A workstation bolted to a desk is relatively easy to monitor and control; a wireless device — a phone, a laptop, an IoT sensor — roams, connects intermittently, and often runs on hardware the organization doesn't fully manage. These are exactly the devices a zero-trust model most needs to keep verifying, and exactly the ones where continuous verification is most awkward.

The grant US11381972B2, "Optimizing authentication and management of wireless devices in zero trust computing environments" (issued July 5, 2022, assigned to Bank of America Corporation), addresses that awkwardness. Its CPC classifications combine the wireless-security classes H04W 12/08, H04W 12/37, and H04W 12/065 with the machine-learning class G06N 20/00 and the security-monitoring class G06F 21/552 — zero-trust management tuned for the wireless case.

“Aspects of the disclosure relate to optimizing authentication and management of wireless devices in zero trust computing environments. In some embodiments, a computing platform may receive, from a user computing device, a connection request.” — U.S. Patent No. 11,381,972

The mechanism worth understanding is optimization for the constraints of wireless. Constant re-authentication drains battery, consumes bandwidth, and frustrates users; doing it naively makes wireless zero trust unusable. The patent's framing — optimizing authentication and management — points at the real engineering: verifying often enough to maintain zero-trust guarantees while being efficient enough that mobile devices remain practical to use.

From a policy and governance standpoint, this matters because wireless and bring-your-own devices are where most organizations' zero-trust ambitions meet reality. It's straightforward to declare a zero-trust policy; it's hard to apply it uniformly to a fleet of mobile devices the organization only partly controls. The gap between the policy and the wireless edge is where many breaches enter.

That a major bank holds this patent is itself a signal. Financial institutions face the strictest regulatory expectations around access control, and they operate large fleets of mobile and wireless endpoints. The invention reflects a sector working out how to make zero trust hold not just in the easy cases but at the mobile edge, where the principle is most needed and hardest to enforce.