Deployment Timeline
This biotech customer contacted our sales team in March of 2022. With the steadily growing number of cyber-attacks leading to devastating data breaches in the industry, they knew they needed a solution that would protect both their VPN and Wi-Fi as soon as possible.
Fortunately, SecureW2 has experience rapidly deploying our solutions. The customer was able to deploy Cloud RADIUS, our onboarding solution, and our PKI within a month.
Challenges
Biotech companies like this one pave the way toward a healthier future. But the research necessary to produce innovative products takes time, and during that time, any IP developed by the company is uniquely vulnerable to cyber threats.
Our customer knew it was just a matter of time before their growing organization was exposed to such a risk – especially since, with locations in three different countries, a lot of sensitive data had to be accessed remotely.
On top of that, many of their employees use BYODs/unmanaged devices. BYODs can be a huge risk to an organization’s network because administrators must rely on the end-user to configure them properly and keep them compliant.
Every day, the company’s employees accessed sensitive company data by logging into a VPN. Each employee had their own password for the VPN, but their IT department increasingly worried that these passwords could be stolen. The potential for misconfigured BYODs only made this possibility likelier.
Solution
Having worked with many other organizations that handle sensitive data, including healthcare organizations, SecureW2 understands the importance of protecting that data. Our solutions were made with the need for discretion and security in mind.
We began by working with the customer to deploy our Public Key Infrastructure (PKI). That way, the company would be able to create certificates for their employees to log into the VPN with, as opposed to using insecure credentials. However, each employee used their own devices, and that meant the customer needed a way to equip each of those unmanaged devices with their certificates.
Fortunately, we have a top-rated solution for this problem, too: SecureW2’s easy-to-use JoinNow MultiOS, which is a dissolvable client. From an employee’s perspective, it’s as effortless as navigating to the portal, following a few simple steps, and then their device is properly configured for certificate-based authentication. JoinNow MultiOS prevents the danger of misconfiguration before it can occur and allows users to install certificates on their devices in mere minutes.
There was one more piece of the puzzle remaining, though: what would the company use to authenticate their newly installed certificates? The answer to that question is Cloud RADIUS. Cloud RADIUS is a cloud-based authentication server that was created to be used for certificate-based authentication.
Thanks to its Identity Lookup feature, Cloud RADIUS can communicate with the company’s Identity Provider, Azure AD, in real-time during authentication. That means the most up-to-date network access policies from Azure AD can be extended to their VPN and even their Wi-Fi.
Evaluating Success
The company made a lot of changes beyond simply moving from Active Directory to Azure. With our PKI, onboarding application, and Cloud RADIUS, their movement to ironclad VPN security was stunningly smooth.
As a result, all of their employees can now access the VPN remotely without having to enter in frustrating passwords each time. And of course, this also means that there’s no chance of a VPN password being stolen by a malicious third party. Their IP is safeguarded by the robust security of digital certificates.
Although they’re much more secure than before, their cybersecurity goals don’t end here. The company is strongly considering utilizing an MDM in the future, alongside SecureW2’s gateway APIs, which make it possible to deploy certificates to managed devices automatically.