$15 Billion-Dollar App Startup Moves to Certificates

Case Study

Custom Details

This SecureW2 client is an America-based company whose mobile app and website serves clients across North America. They are an industry leader in their field and are valued at over $15 billion.

1500 Number of Devices
Consumer App Industry
SecureW2 Products Purchased Cloud RADIUS, Connector, Managed Device Gateways

Infrastructure

  • Brand
  • Brand
  • Brand
  • Brand
Mostly macOS with some Chromebooks

Deployment Timeline

After using a demo from SecureW2 for a week, they decided to go straight into a long term contract with SecureW2. They started deployment in February 2020, and were able to have certificates on all corporate owned and managed devices by March. Today they have 1400 devices enrolled for certificates.

They are using the added security from certificates as a jumping off point to implement a zero trust network in the upcoming months.

Challenges

Starting as a small start-up company, the client had been using a WPA2-PSK network for some time. However, their business was growing rapidly, so they were looking for a more secure alternative. With the increase in employees, they feared the security risk of passwords becoming compromised. Each time they administered a password to a new employee, they knew it was another entrance point for a potential security breach.

They wanted to take advantage of a certificate-based solution as they believed credentials were insecure and quickly becoming obsolete.

The company had no existing on-premise infrastructure to leverage. An IT representative from the company explained, “After we crunched the numbers and found out running a server on our campus would cost us thousands in hardware and manpower, we decided we needed a more cost effective solution that could easily integrate with our cloud environment.”

Lastly, the client needed their solution to be able to support over a thousand diverse devices. Their environment consisted of:

  • Meraki Wi-Fi access points
  • Okta directory
  • Jamf MDM for managing corporate owned macOS devices
  • Google Workspace for managing corporate owned Chromebooks

Ideally, they wanted to have one solution that would enable certificate distribution for all these different operating systems.

Solution

The client discovered that SecureW2 offered a modern all-cloud environment and was the only vendor that accounted for all the above requirements. An IT representative explained, “We took a look at some other managed PKI solutions, but there was always something missing, SecureW2 checked all our boxes, so we decided to give them a shot.”

After a week-long demo period, they decided to take advantage of SecureW2’s JoinNow Connector Bundle.

The client started deployment February 2020, and quickly rolled out certificates to all their managed devices using the auto enrollment features of SecureW2. SecureW2 provided them with gateway APIs that natively integrate with MDMs like Jamf for managed device certificate auto-issuance, as well as self-service BYOD clients that allow end users to use their cloud IDP credentials like Okta to self-enroll themselves for certificates. By the end of February they had 1400 devices all enrolled with certificates.

The customer was initially concerned about managing a large number of certificates and wanted to make sure that no certificates would expire unnoticed. They took advantage of SecureW2’s management portal to automate certificate expiration notifications. This makes sure that anytime a certificate expires, IT is notified and instructed on how to renew that certificate immediately.

The fact that SecureW2 came built with advanced mechanisms like a Cloud RADIUS with Dynamic Identity Lookup and a fully equipped management portal made things so much easier than we expected.

Senior It Engineer

The IT department now has access to reports that offer a consolidated view of certificates across the organization from the SecureW2 portal. Since deployment, they have reported a 80% decrease in password related IT tickets.

Overall the adoption of a SecureW2’s PKI system has given the client the chance to strengthen their network, “We are hoping to build upon our increased security by implementing zero trust policies throughout our network. Because of SecureW2 we are set up to do identity lookup with Okta's zero trust features combined with our dynamic radius features set.” These features will allow them to segment users into roles that only have access to company assets that are necessary for those individuals, further strengthening their network.

Evaluating Success

With the new system in place, the client has enjoyed the ease and simplicity of a cloud-based network, while still having a fully functional PKI in place. They no longer have to worry about time consuming password resets or costly password leaks.

The client lauded the solution from SecureW2 by saying “SecureW2 has given us all the tools we need to strengthen our network. Their customer service has always been ready to help us whenever we have a question, we really can’t recommend them enough.”