Global Fintech Leader Switches All Devices to EAP-TLS with SecureW2

Case Study

Custom Details

1,200 Number of Devices
Financial Technology Industry
SecureW2 Products Purchased Cloud Connector Bundle; Cloud RADIUS Network Authentication For Wired Printers for 802.1x

Infrastructure

  • Brand
  • Brand
  • Brand
  • Brand
Cloud RADIUS, Connector, Managed Device Gateways

Deployment Timeline

In December 2018, the company contacted SecureW2 to help set-up an EAP-TLS cloud environment for their network. The entire PKI was set up from scratch after just a few phone calls.

The organization currently has 1,200 devices enrolled with certificates and a fully capable BYOD system enabled with certificate self-enrollment.

Challenges

As an expanding company, the organization was seeing their number of employees increase dramatically. They had a small team that was in charge of their network security that eventually wanted to move away from their Pre-shared key (PSK) authentication method. “With each new employee, we knew that we could expect at least one new password related issue, it got to a point where we knew something had to change.” The senior IT administrator said.

The team wisely decided they wanted to go with 802.1X EAP-TLS authentication, in order to get rid of passwords and take advantage of certificates. “We knew we wanted to use certificates, but were hesitant to make the transition because we have different kinds of managed devices running on different operating systems, and from what we knew it would be a big hassle getting them all enrolled.”

The company knew that a requirement for all WPA2-Enterprise networks is the use of a RADIUS server. They initially wanted to get an on-premise server to leverage their new network security, but after some research found it was to expensive a solution, the IT administrator explained, “We didn’t initially realize how hands-on the process of getting an On-Site RADIUS was and were having a hard time justifying the enormous cost in maintenance.”

Eventually, they decided they needed their solution to work in a cloud environment in order to reduce the costs associated with on-premise infrastructure.

Lastly, the company has a number of printers with access to their network, so they needed a way to ensure no bad actors could use one as an attack vector. To ensure a completely secure network, they wanted a way to enroll their printers for certificates as well.

Solution

The customer evaluated several 802.1X solutions and found that SecureW2 offered the best solution for their needs based on capabilities, managed services and affordability.

The senior IT administrator explains, “After taking a look at different SaaS RADIUS solutions, we saw that SecureW2 was the only platform that met all of our specific needs. They have met all our expectations and then some. Anytime we have a question or need a new feature, their support team has always been right there to help.”

SecureW2’s Managed Devices Gateways for certificate auto-enrollment has made certificate distribution for the customer a breeze, as they quickly enrolled over a thousand devices in just a few weeks.

A few weeks after getting started with SecureW2, the COVID-19 pandemic forced most of the customers' employees to start working from home. The company needed a way to ensure their data remained safe even when away from the office. They used SecureW2 to enroll end users with certificates to access their VPNs, now over 1,000 employees are able to securely access company data.

Some other notable advantages the customer has enjoyed are:

  • A massive reduction in password related help-desk tickets.
  • Easy certificate enrollment for IoT devices such as their printers.
  • An easy to manage certificate portal with a complete graphical user interface.

We were looking for a way to strengthen our network security and SecureW2 not only helped us with that, but made managing the network way easier, I can’t recommend them enough

Senior Information Security Specialist

Evaluating Success

With a completely cloud-based network and a fully functional PKI, the client is ready for any potential threat. They are currently transitioning to a more Okta based environment and can rest easy knowing they’re Okta directory is easily integrated with SecureW2.

The customer is moving towards a zero-trust network and is pushing to use certificates wherever possible to reinforce their security and move away from insecure passwords.

The firm has reached the point where they aim to use certificates wherever possible to strengthen and mature their security by completely moving away from passwords.