The Challenge
Until recently, a globally ranked top-20 private equity and venture capital investment firm relied on pre-shared keys and passwords to secure the company’s Wi-Fi network.
This approach was not sufficiently secure for an organization handling sensitive deal data, term sheets, and portfolio company financials daily. The firm decided to transition to certificate-based authentication, with a few key requirements.
The company required a fully cloud-hosted solution, with zero on-premises infrastructure. The mixed device environment — Windows on Intune, Mac on Jamf Pro, plus BYOD — also required a unified certificate enrollment approach across both MDMs. Beyond that, it was important for the firm to find an intuitive, easy-to-use solution that would deliver a high level of security without excess complexity.
The Solution
The firm’s security consultants worked with the SecureW2 technical team to design and validate a certificate-based authentication solution, assessing the managed PKI architecture, certificate enrollment automation, and cloud-based RADIUS integration.
Managed devices enroll over SCEP through two paths: Windows through Intune and Mac through Jamf Pro. Certificate attributes are customized to include template name and OID values for device identification — a detail that reflects the firm’s sophisticated security requirements.
Unmanaged personal devices enroll through a BYOD workflow integrated with Entra ID, using identity provider authentication to bind each certificate to a verified user.
SecureW2 support engineers worked through Intune and Jamf configuration, BYOD enrollment testing, and RADIUS policy validation across the full device fleet.
The Results
- 825 devices enrolled: certificate-based 802.1X authentication deployed across Intune, Jamf Pro, and BYOD
- Cloud-native deployment: no on-premises infrastructure required
- Unified enrollment across all device types: Windows, Mac, and personal BYOD devices managed through a single certificate-based workflow
- Eliminated pre-shared key vulnerabilities: sensitive deal data, term sheets, and portfolio financials now protected by certificate-based authentication