The Challenge
The team at a medical device startup was looking forward to an acquisition by a major medical manufacturer. Looking over their network security systems ahead of the deal, they realized their current solution, which was based on pre-shared keys (PSKs), wasn’t going to cut it.
Pre-shared keys are static and shareable — any employee or former employee with the password could access the network. PSKs are a risk anywhere, but especially so in regulated industries like healthcare that involve patient data, research results and clinical device specifications.
Rather than let weak security ruin a buyout, the startup decided to upgrade their systems to industry-standard certificate-based network access controls tied to individual device identity.
The client was using Microsoft Azure as its identity provider (IdP) and Intune for device certificate management, so any authentication solution had to integrate natively with that stack. With fewer than 50 employees, a lean IT department, and a major deal approaching, the company needed a solution they could stand up fast. SecureW2 came recommended by an outside technology consultant based on Intune integration capabilities, a cloud-native delivery model, and fast time to value.
The Solution
Working with SecureW2, the company deployed the JoinNow Platform to connect directly to Azure and Intune.
The Intune integration handled certificate enrollment, automating provisioning across the managed device fleet without requiring manual IT intervention for each device. This met the basic security needs driven by the acquisition: Certificates tie directly to identities managed in Azure, giving the IT team full visibility into which devices connect and the ability to revoke access instantly when an employee departs or a device is decommissioned.
As an extra layer of defense, the client enabled multi-factor authentication (MFA) with Time-based One-time Passwords (TOTP). This approach addressed both credential theft and device compromise scenarios: devices now need both a valid certificate and a single-use, expiring password to authenticate.
The Results
- Enrolled 500+ devices with certificate-based authentication
- Eliminated pre-shared keys, replacing them with unique digital certificates tied to each device’s Azure identity
- Layered TOTP-based MFA on top of certificates for defense-in-depth security across devices
- Integrated Azure and Intune for connectivity to the existing Microsoft stack without additional infrastructure
- Strengthened security posture ahead of a strategic integration with a major medical manufacturer
Upgrading to modern certificate-based network security positioned the client to meet the compliance and security expectations of its acquisition partner before due diligence began. Certificate-based authentication and MFA now form the foundation of a network access model that set the client up well for its next phase.