The Challenge
A clinical-stage biopharmaceutical company on the Atlantic seaboard needed network security infrastructure that met the regulatory rigor of its industry. With around 150 employees and a mix of managed devices, the IT team required certificate-based network authentication that could verify device identity before granting access to systems handling sensitive research and clinical data.
Password-based Wi-Fi authentication left gaps. Credentials could be shared, phished, or reused across personal and corporate contexts. For a company operating in a regulated environment, the ability to tie network access to verified device identity — and to maintain audit trails of authentication events — was a baseline requirement, not an aspiration.
The team also needed redundancy in case of outages, whether from weather or something else. A single point of failure in the authentication infrastructure was unacceptable for an organization where network downtime could disrupt active clinical operations. Finally, the IT team wanted richer certificate metadata to support access policies based on device attributes, not just binary authentication.
The Solution
The company deployed the SecureW2 JoinNow Platform in three phases.
During phase one, managed devices received digital certificates that replaced passwords for Wi-Fi access, with each authentication event logged through Cloud RADIUS.
The team also deployed JoinNow Disaster Recovery (DR) RADIUS to maintain authentication continuity if the primary service went down. They added JoinNow Data Enrichment at the same time, embedding additional device and user attributes into certificates to support more granular access policies.
During phase two, the company expanded again, adding JoinNow External Authentication (EA) RADIUS across 150+ devices. The EA RADIUS deployment extended certificate-based authentication to additional network entry points beyond the primary corporate Wi-Fi network, covering external-facing connections that required the same level of identity verification.
Finally, during phase three the team consolidated PKI, Cloud RADIUS, DR RADIUS, EA RADIUS, and Data Enrichment under one architecture with access to the full feature set.
The Results
- Better aligned with regulatory expectations through certificate-based authentication, replacing the vulnerable legacy password-based system.
- Enabled continuity for critical clinical operations through a robust disaster recovery program, including disaster recovery RADIUS.
- Delivered granular, policy-based network access controls through data enrichment, embedding device attributes into certificates.
The deployment pattern reflects how organizations in regulated industries adopt certificate-based security: start with the core authentication layer, then build on that implementation by gradually adding redundancy, richer metadata, and broader coverage.