The Challenge
A leading privacy and data governance platform had certificate deployment problems with a majority-Mac device fleet running on a Microsoft backend. Standard Intune SCEP profiles handled Windows certificate enrollment natively, but they fell short for macOS.
The company needed certificate-based Wi-Fi authentication across its fleet, but the gap between Microsoft identity services and Apple hardware lacked a native fix. The IT team needed a PKI and RADIUS stack that could sit between Entra ID, Intune, and Apple endpoints without requiring a rebuild on either side.
The Solution
The team chose the SecureW2 platform for its vendor-neutral architecture. The platform operated between the Microsoft identity stack and Apple endpoints without requiring changes to either ecosystem. No other solution could meet this requirement without a second MDM.
The company started the deployment with 2,000+ device licenses and authentication. Entra ID served as the identity provider, and Intune managed all device profiles, including Apple devices.
The Mac-on-Microsoft environment demanded a customized approach. SecureW2 engineers collaborated with the company’s senior IT engineer to package the certificate request into a configuration profile format that macOS processes natively, even when delivered via Intune. This bridged the gap without forcing the company to adopt an additional MDM for Apple devices. The cloud-based RADIUS server then validated each certificate against Entra ID on every authentication attempt, providing real-time identity verification for the entire fleet.
The Results
- Mac-on-Microsoft gap closed — custom MDM setup delivers certificates to Apple devices through Intune, eliminating the need for a secondary MDM or manual provisioning
- Vendor-neutral architecture — operates between the Microsoft backend and Apple endpoints without requiring changes to either ecosystem
- Real-time identity verification — cloud-native RADIUS server validates certificates against Entra ID on every attempt
With continuous monitoring policies in development, the company is moving toward real-time compliance visibility on top of a certificate infrastructure that has run without interruption for over 3 years.