The Challenge
A global healthcare technology company focused on cancer research needed to transition to certificate-based authentication. The company’s priorities included protecting sensitive data and enabling far-flung employees to authenticate to the network securely.
Data Privacy
The company organizes and analyzes real-world oncology data for cancer centers, academic research centers, and life science organizations. The company handles sensitive clinical information at scale, which makes protecting data and complying with stringent regulations across countries a priority.
A reliance on on password-based Wi-Fi network access left their network exposed to phishing and credential theft. This was a major risk for a healthcare technology organization operating under strict security and compliance requirements.
Remote Network Access
Later, another problem emerged: international users had no way to authenticate to the network via 802.1X. The existing PKI-only deployment, which had served the organization well since 2020, did not include a cloud RADIUS component capable of handling authentication for users outside the primary network perimeter. But with offices in the United States, Europe, and Asia, that system no longer worked, and global network access was a key priority.
Ease of use and reliability were also top top of mind. The IT team manages security for more than 2,500 employees, meaning they needed solutions that were easy to implement and maintain.
The Solution
The company worked closely with SecureW2 to address its challenges.
Transitioning to Digital Certificates
The company first deployed the JoinNow Connector PKI to replace password-based Wi-Fi authentication with digital certificates. The initial deployment included MultiOS support, Cloud Connector, and Managed Device Gateway capabilities, covering devices across multiple operating systems and enrollment paths.
Eventually, around 1,800 devices were enrolled in the company’s private network, all successfully secured with certificate-based authentication, instead of the risky, legacy credential-based solution.
International Access
Several years later, the company added JoinNow Cloud RADIUS to provide international users with a secure way to authenticate via 802.1X. Cloud RADIUS removed the pre-existing geographic constraint entirely. Users now authenticate from any location without requiring on-premises RADIUS infrastructure at each site.
The company also configured TLS for encrypted RADIUS communication with its Ubiquiti/Unifi access point infrastructure, hardening the authentication channel between the wireless network and Cloud RADIUS.
The Results
- International 802.1X authentication solved with a Cloud RADIUS expansion
- 1,800 devices secured with certificate-based authentication, removing passwords from the Wi-Fi flow
- TLS-encrypted RADIUS transport configured with Ubiquiti/Unifi wireless infrastructure
- Minimal support overhead: minimal on record across six years of operation keep IT involvement low
The company continues to evolve its deployment as business needs change. What started as a PKI-only installation now spans both PKI and Cloud RADIUS, covering domestic and international authentication use cases.