Deployment Timeline
After using a demo from SecureW2 for a week, this client decided to go straight into a long-term contract with SecureW2. They started deployment in February 2020 and were able to have certificates on all corporate-owned and managed devices by March. Today they have 1400 devices enrolled for certificates.
They are using the added security from certificates as a jumping-off point to implement a zero-trust network in the upcoming months.
Challenges
Starting as a small start-up company, the client had been using a WPA2-PSK network for some time. However, their business was growing rapidly, so they were looking for a more secure alternative. With the increase in employees, they feared the security risk of passwords becoming compromised. Each time they administered a password to a new employee, they knew it was another entry point for a potential security breach.
They wanted to take advantage of a certificate-based solution as they believed credentials were insecure and quickly becoming obsolete.
The company had no existing on-premise infrastructure to leverage.
Lastly, the client needed their solution to be able to support over a thousand diverse devices. Their environment consisted of:
- Meraki Wi-Fi access points
- Okta directory
- Jamf MDM for managing corporate-owned macOS devices
- Google Workspace for managing corporate-owned Chromebooks
Ideally, they wanted to have one solution that would enable certificate distribution to all these different operating systems.
Solution
The client discovered that SecureW2 offered a modern all-cloud environment and was the only vendor that accounted for all the above requirements.
After a week-long demo period, they decided to take advantage of SecureW2’s JoinNow Connector Bundle.
The client started deployment February 2020, and quickly rolled out certificates to all their managed devices using the auto enrollment features of SecureW2. SecureW2 provided them with gateway APIs that natively integrate with MDMs like Jamf for managed device certificate auto-issuance, as well as self-service BYOD clients that allow end users to use their cloud IDP credentials like Okta to self-enroll themselves for certificates. By the end of February they had 1400 devices all enrolled with certificates.
The customer was initially concerned about managing a large number of certificates and wanted to make sure that no certificates would expire unnoticed. They took advantage of SecureW2’s management portal to automate certificate expiration notifications. This makes sure that anytime a certificate expires, IT is notified and instructed on how to renew that certificate immediately.
The IT department now has access to reports that offer a consolidated view of certificates across the organization from the SecureW2 portal. Since deployment, they have reported a 80% decrease in password related IT tickets.
Overall the adoption of a SecureW2’s PKI system has given the client the chance to strengthen their network,
These features will allow them to segment users into roles that only have access to company assets that are necessary for those individuals, further strengthening their network.
Evaluating Success
With the new system in place, the client has enjoyed the ease and simplicity of a cloud-based network, while still having a fully functional PKI in place. They no longer have to worry about time consuming password resets or costly password leaks.