Want to learn the best practice for configuring Chromebooks with 802.1X authentication?

Sign up for a Webinar!
Branding
Branding Branding
Login Check our Prices
Case Studies

Global Fintech Leader Switches All Devices to EAP-TLS with SecureW2

BYOD
Cloud Radius
Enterprise
Jamf
Okta
PKI
Wi-Fi
Case Study Hero BG

Deployment Timeline

In December 2018, the company contacted SecureW2 to help set-up an EAP-TLS cloud environment for their network. The entire PKI was set up from scratch after just a few phone calls.

The organization currently has 1,200 devices enrolled with certificates and a fully capable BYOD system enabled with certificate self-enrollment.

Challenges

As an expanding company, the organization was seeing its number of employees increase dramatically. They had a small team that was in charge of their network security that eventually wanted to move away from their Pre-shared key (PSK) authentication method.

Quote Left Icon
With each new employee, we knew that we could expect at least one new password-related issue, it got to a point where we knew something had to change.
CHRIS, SENIOR INFORMATION SECURITY SPECIALIST

Chris and his team decided they wanted to go with 802.1X EAP-TLS authentication, in order to get rid of passwords and take advantage of certificates.

Quote Left Icon
We knew we wanted to use certificates, but were hesitant to make the transition because we have different kinds of managed devices running on different operating systems, and from what we knew it would be a big hassle getting them all enrolled.
CHRIS, SENIOR INFORMATION SECURITY SPECIALIST

The company knew that a requirement for all WPA2-Enterprise networks is the use of a RADIUS server. They initially wanted to get an on-premise server to leverage their new network security, but after some research found it was too expensive a solution, the IT administrator explained, “We didn’t initially realize how hands-on the process of getting an On-Site RADIUS was and we were having a hard time justifying the enormous cost in maintenance.”

Eventually, they decided they needed their solution to work in a cloud environment in order to reduce the costs associated with on-premise infrastructure.

Lastly, the company has a number of printers with access to their network, so they needed a way to ensure no bad actors could use one as an attack vector. To ensure a completely secure network, they wanted a way to enroll their printers for certificates as well.

Solution

The customer evaluated several 802.1X solutions and found that SecureW2 offered the best solution for their needs based on capabilities, managed services, and affordability.

Quote Left Icon
After taking a look at different SaaS RADIUS solutions, we saw that SecureW2 was the only platform that met all of our specific needs. They have met all our expectations and then some. Anytime we have a question or need a new feature, their support team has always been right there to help.
CHRIS, SENIOR INFORMATION SECURITY SPECIALIST

SecureW2’s Managed Device Gateways for certificate auto-enrollment has made certificate distribution for users a breeze, as they quickly enrolled over a thousand devices in just a few weeks.

After getting started with SecureW2, the COVID-19 pandemic forced most of the customers’ employees to start working from home. The company needed a way to ensure their data remained safe even when away from the office. They used SecureW2 to enroll end-users with certificates to access their VPNs, now over 1,000 employees are able to securely access company data. Some other notable advantages the customer has enjoyed are:

  1. A massive reduction in password-related help-desk tickets.
  2. Easy certificate enrollment for IoT devices such as their printers.
  3. An easy-to-manage certificate portal with a complete graphical user interface.
Quote Left Icon
We were looking for a way to strengthen our network security and SecureW2 not only helped us with that but made managing the network way easier, I can’t recommend them enough.
CHRIS, SENIOR INFORMATION SECURITY SPECIALIST

Evaluating Success

With a completely cloud-based network and a fully functional PKI, the client is ready for any potential threat. They are currently transitioning to a more Okta based environment and can rest easy knowing they’re Okta directory is easily integrated with SecureW2.

The customer is moving towards a zero-trust network and is pushing to use certificates wherever possible to reinforce their security and move away from insecure passwords.

The firm has reached the point where they aim to use certificates wherever possible to strengthen and mature their security by completely moving away from passwords.