Short-Lived Certificates: Worth the Hype or Operational Headache?
In PKI, certificate lifespans have always been a balancing act between security and operational simplicity. The industry standard has preferred longer-lived certificates valid for one year, and sometimes even for...
JoinNow 8.0: Adaptive Defense, ACME for Server Certs, and More!
Trust rules how the world works. It’s the foundation of personal relationships, how we choose who to do business with, and how we grant people (and now non-human identities) access...
Configure Google SCEP Certificate Automatic Enrollment Profiles
Certificates are far superior to credentials and mitigate many of the vulnerabilities associated with pre-shared keys. They enhance the user experience by facilitating network access and removing password-related friction induced...
When Static Trust Becomes a Backdoor: Lessons from the 2025 SharePoint ToolShell Exploit
In July 2025, a widely exploited zero-day vulnerability, CVE-2025-53770 & 53771, named ToolShell, hit on-premises Microsoft SharePoint Server systems, triggering a large-scale compromise. The ToolShell exploit gave attackers unauthenticated remote...
Securing Identity-less Infrastructure and Userless Agents
The security landscape is profoundly transforming as AI and cloud-native technologies reshape organizations’ operations. Today, infrastructure consists of identity-less components such as containers, serverless functions, and ephemeral compute instances that...
Launching Certificate-Based Security Shouldn’t be Intimidating
“Global spending on information security and risk management is expected to grow 14.3% in 2025 to reach $212 billion.” Source: Gartner Press Release, August 28, 2024 Implementing strong network security...
5 Million Unsecured Wi-fi Networks: Why We’re Still Failing at Basic Network Security
As of 2025, more than 5 million unsecured Wi-Fi networks are active worldwide. Schools, hotels, small businesses, and even enterprise guest networks continue to rely on open or shared-password Wi-Fi....
Certificate Pinning vs. Device Attestation
Certificate pinning is widely used in networks to establish trust between client devices and servers. However, with enterprises shifting to dynamic BYOD and device trust policies, certificate pinning alone does...
What is the difference between MITM and AITM?
A traditional Man-in-the-Middle (MITM) attack primarily involves an attacker passively intercepting a communication channel to eavesdrop or steal static credentials, such as passwords. The Adversary-in-the-Middle (AITM) attack takes this a...
Understanding Authentication Strengths in Conditional Access
As cyberattacks become more targeted and identity becomes the core of security strategy, IT administrators are rethinking how users authenticate to sensitive resources. Organizations widely adopt Multi-Factor Authentication (MFA) to...
Does RadSec support roaming services, such as Eduroam?
RADIUS over TLS, also known as RadSec, enhances roaming services like Eduroam by providing stronger encryption than the standard Remote Access Dial-In Service (RADIUS) protocol. RADIUS in Eduroam utilizes the...
How Do You Enforce Consistent PKI Policy Across Distributed Teams?
You can enforce a consistent PKI policy across distributed teams by using centralized, automated enforcement with dynamic tools that integrate with your existing IT ecosystem. Manual management methods often lead...
What is a PKI, and How Does It Help Secure Networks in an Organization?
Password breaches have impacted nearly every industry, from telecommunications to healthcare. As threat actors refine their attack methods, securing networks solely with passwords has become increasingly challenging. Organizations are transitioning...
What does a modern PKI team structure look like?
Public Key Infrastructure (PKI) is like experiencing a renaissance. PKI, formerly thought to be the realm of cryptography specialists and obsolete hardware, is now a strategic enabler of business identity...
RADIUS + Dynamic PKI: Better Together
With many devices attempting to connect to the network, identifying potential risks from compromised devices becomes paramount. This is where a robust Public Key Infrastructure (PKI) integrated with RADIUS comes...
Why Isn’t my SCEP Profile Working?
You’re not alone if you have ever hit “Push” on the Simple Certificate Enrollment Protocol (SCEP) profile in your Mobile Device Management (MDM) only to find that nothing immediately happens....
ACME Device Attestation: Strengthening Certificate-Based Security
Public Key Infrastructure (PKI) was never designed for an environment where devices could drift out of compliance within hours, sometimes minutes, of being trusted. And yet, many organizations still rely...
Dynamic PKI: Continuous Authentication for Modern Security
Traditional authentication models have relied on static trust. Once a device or user is authenticated a single time they typically remain trusted indefinitely. This model assumes continuous security from a...
Why Does Certificate Lifecycle Management Automation Need Continuous Authentication?
Enterprises are relying more on automated solutions to manage the lifecycle of digital certificates. Certificate Lifecycle Management (CLM) has evolved from a manual, error-prone process to an automated, API-driven workflow...
Can Continuous Authentication Work with Existing MDM, EDR, or Identity Tools?
Yes, continuous authentication can work alongside existing Mobile Device Management ( MDM), Endpoint Detection and Response (EDR), and identity tools. This is possible when these tools share real-time context and...
Why is Mutual Authentication Important in Secure Communication?
Mutual authentication is important in secure communication because it is a process where both entities verify each other’s identities before establishing a connection. In a network environment, the client and...
What’s the difference between device authentication and device attestation?
Device security is more important than ever. Just one compromised device can give attackers access to your whole network. Because of this, security professionals depend on device attestation and authentication....
Why Should I Use EAP?
The Extensible Authentication Protocol (EAP) provides a standard framework for authenticating users and devices to a network. It uses various authentication methods, such as tokens, smart cards, digital certificates, and...
What is the difference between TLS and EAP-TLS?
TLS and EAP-TLS might seem identical initially since they depend on encryption and certificate-based authentication. TLS and extensible authentication protocols-transfer layer security (EAP-TLS) are often discussed in network security. They...
What are the three components in the 802.1X system?
The 802.1X system has three primary components: the supplicant, the authenticator, and the authentication server. The supplicant is the part of the device that requests access, the authenticator is the...
Is EAP-TLS The Same as PEAP?
Extensible Authentication Protocol-Transport Layer Security (EAP-TLS ) and Protected Extensible Authentication Protocol (PEAP ) are both authentication protocols used in the 802.1x framework, but they are not the same. The...
What Is The Gold Standard Of Network Security?
Extensible Authentication Protocol-Transfer Layer Security (EAP-TLS) is considered the gold standard for network security. It allows digital certificates to be deployed on WPA2-Enterprise with 802.1X authentication. EAP-TLS uses asymmetric cryptography...
How Does WPA3 Improve Wi-Fi Security Compared To Previous Protocols?
Wireless Protocol 3 (WPA3) improves Wi-Fi security compared to the WPA2 protocol, as it provides individual data encryption, side channel protection, and a more robust authentication mechanism through its 192-bit...
What is 802.1x Authentication Used For?
802.1x Authentication is a network security standard that grants access to wired and wireless networks by validating authorized users and devices. The 802.1X protocol is the IEEE Standard for Port-Based...
Understanding NIST SP 800-171 3.5.2: Device Identification & Authentication
NIST SP 800-171 is a cybersecurity framework that protects Controlled Unclassified Information (CUI). It applies to organizations handling sensitive government data and has been widely adopted as a best practice...
Your Guide To Wi-Fi Security
Wi-Fi is now a necessity. However, its convenience also makes it a prime target for cyber threats. As the number of Wi-Fi-enabled devices skyrockets, so do security risks. Attackers exploit...
How Does a Man-in-the-Middle (MITM) Attack Compromise Wi-Fi Networks?
A MITM happens when attackers hijack a communication channel to intercept and steal data. In this type of attack, they position themselves between a user and an application, silently capturing...
What is an Evil Twin attack in Wi-Fi, and how can I protect against it?
Imagine you’re out shopping, getting coffee, or waiting for a flight. You quickly want to check your messages or search for something, so hop on a free public Wi-Fi network....
SCEP vs. Dynamic SCEP
Simple Certificate Enrollment Protocol (SCEP) streamlines secure certificate issuance across networked devices, enabling scalable authentication and encryption. Instead of relying on manual provisioning, SCEP automates the process, allowing devices to...
What is MAC spoofing, and how does it affect Wi-Fi security?
MAC spoofing is when an attacker tricks a network by faking a device’s unique ID (MAC address) to gain unauthorized access or disrupt communication. This attack can happen in different...
Enabling Okta Device Trust for any MDM
The traditional network perimeter is a relic of the past. With remote work now common, users need secure access from anywhere, making outdated security models ineffective. Relying on perimeter-based defenses...
Top PKI Management Tools For A Network
Organizations should prioritize automated certificate lifecycle management to maintain complete visibility and granular control over who and what accesses their network. Managing certificates manually—distributing, renewing, and revoking them—quickly becomes tedious...
Configuring Certificate Auto-Enrollment with Microsoft GPO
Enterprises that use Public Key Infrastructures (PKI) will have to issue and manage tens or even hundreds of thousands of digital certificates. Keeping track of all those certificates may seem...
Complete Guide To Certificate Authorities
Imagine walking into a vast library, seeking a single book among millions. Without a librarian or a catalog system, you’d be lost. In many ways, the internet is that library,...
Without Server Certificate Validation, WPA2-Enterprise Isn’t Secure
Your users have strong, unique passwords, your networks are protected with WPA2-Enterprise encryption, and you use 802.1x for authentication. WPA2-Enterprise is the gold standard when it comes to security, so...
Microsoft PKI Best Practices
A Public Key Infrastructure (PKI) is an 802.1x network security solution that uses public-private key cryptography to authenticate users for online resources. PKIs can be configured to authenticate for Wi-Fi,...
How to Configure Kandji SCEP Profile
Digital certificates have, time and again, proven to be more secure than credential or password-based authentication as they are phishing-resistant. However, manually distributing digital certificates is a considerable challenge for...
What Are Virtual Smart Cards?
In the world of authentication cybersecurity, a device growing in popularity is the Smart Card. A smart card, like those produced by Yubico, is a cryptographic tool that allows users...
SHA-2 vs ECC: Digital Certificate Encryption Advancements
Cryptographic systems are at the heart of digital certificates, enabling encryption, authentication, and integrity. SHA-2 and ECC are two pivotal technologies that protect everything from SSL certificates to system integrity...
2024 Security Analysis of PEAP-MSCHAPv2
These days, wired and wireless (Wi-Fi) networks are ubiquitous. Organizations need these connections to perform critical business functions, but these connections are susceptible to various ever-evolving cyber threats. As a...
Network-as-a-Service (NaaS): Explained
NaaS, or Network as a Service, is a cloud-based networking model that modifies how businesses handle and use their networks. Instead of having a lot of network equipment on-site, you...
[Solved] Jamf Casper Certificate Error
Apple devices and gadgets have been unparalleled in cutting-edge technology and customer satisfaction over the years. In a recent interview, the CIO of Jamf Linh Lam predicted Apple to reach...
WPA3-Enterprise: Should you Adopt It?
WPA (Wi-Fi Protected Access) was created in the early 2000s when IT professionals quickly realized that WEP (Wired Equivalency Protocol) had terrible security vulnerabilities. WPA2 was ratified in 2004 as...
Is RadSec Necessary for Eduroam?
Students and staff who visit other colleges and universities frequently encounter challenges accessing safe Wi-Fi networks. Without an integrated system, they may encounter connectivity challenges, different login procedures, or concerns...
The Dangers of Self-Signed Certificates
Self-signed certificates continue to pose critical risks to organizations prioritizing secure communication. While they may seem convenient for quick deployments, their inherent vulnerabilities can lead to severe security and operational...
Solved: Error “Cannot Manage Active Directory Certificate Services”
Admins configuring Active Directory Certificate Services (AD CS) for their network may encounter the following error message: Cannot manage active directory certificate services. The system cannot find the file specified:...
What is PIV (Personal Identity Verification)?
Personal Identity Verification (PIV) is a security standard detailed in NIST FIPS 201-2 that creates a framework for multi-factor authentication (MFA) on a smartcard. While PIV was originally designed for...
How Safe Is The EMF Exposure From Wi-fi?
Most people use Wi-Fi, which emits electronic and magnetic fields (EMF). But are the EMFs from Wi-Fi dangerous? The short answer is no, but we'll dig into the question further.
A Guide to Server Certificates
Server security is critical in today’s digitally driven environment. The server certificate, a digital document that verifies the identification of a website or server, is fundamental to Internet communication security....
Top 6 Ways To Prevent Your Network From DNS Poisoning Attacks
As we increasingly rely on the internet for both personal and professional activities, understanding the potential threats to our online security becomes essential. A prevalent and significant risk is DNS...
All that You Need To Know About Public Key Encryption
We are living in a time where wireless security is imperative because private data and personal information are uploaded online. As the amount of online data increases, so does the...
Why is It Safe to Migrate AD CS from SHA-2 to SHA-1 In 2024?
It’s imperative for organizations to fully switch from SHA-1 to SHA-2. The National Institute of Standards and Technology (NIST) stated SHA-1 should not be trusted, PCI Compliance scanners no longer...
Why Do You Need S/MIME Encryption In Network Security
S/MIME stands for “Secure/Multipurpose Internet Mail Extensions”. It’s an IETF standard for public key encryption and creating a digital signature for MIME data. In essence, S/MIME uses a PKI to...
WPA vs WPA2- The Better Wifi Authentication
Wireless networks are omnipresent. You may have access to many wireless networks, whether in a neighborhood coffee shop, a school, or home. However, it’s hard to tell which ones are...
An Overview Of Certificate Revocation List In A PKI
What is a Certificate Revocation List? A certificate revocation list, more commonly called a CRL, is exactly what it sounds like: a list of digital certificates that have been revoked....
How to Integrate with Entra ID For Effective Certificate Management
The transition from on-premise Active Directory (AD) to cloud-based Azure AD (Microsoft Entra ID) can be tricky, leaving Azure admins searching for an easy way to migrate. Unlike AD, there...
How to Configure Dynamic VLAN for EAP-TLS
Researching and implementing new cybersecurity technologies is a vital aspect of maintaining an effective network for your organization. But transitioning to more up to date security measures often comes with...
Benefits of Digital Certificates For Secure Eduroam Wi-Fi
Eduroam has become crucial for colleges worldwide, providing students and staff with seamless, cross-campus Wi-Fi connectivity. However, as more institutions use Eduroam as their principal Wi-Fi network, security and accessibility...
Certificate Lifetimes – Is 20 Years Too long?
Over the last few years, software makers have begun cracking down on certificates that do not expire soon enough. Most browsers will reject any SSL certificate with a lifetime longer...
Can I Use OAuth 2 With ADFS?
What is ADFS? Active Directory Federation Service (ADFS) is a software component developed by Microsoft to provide Single Sign-On (SSO) authorization services to users on Windows Server Operating Systems. ADFS...
Best EAP Method to Configure a Secure WiFi Network
Extensible Authentication Protocol (EAP) is a strong security layer and authentication framework used in Wi-Fi networks. It provides various methods to verify the identities of users and devices before granting...
The Importance of Device Attestation for Zero Trust
Here, you can learn the concepts of device trust and cryptographic principles of attestation in ensuring security of your organization.
Adding a Trusted Root Certificate Authority to Group Policy Objects
Organizations that want the best in authentication security should look no further than certificate-based authentication. When compared to using credentials for authentication, it’s simply no contest. The two pillars supported...
PKI Smart Card Authentication for Enterprise
Companies and governments around the world are finding more and more uses for PKI smart cards – especially for identity management. These tiny chips can be found in a multitude...
Using Multi-Factor Authentication for Network Security
Many inquiries that we receive reference Multi-Factor Authentication (MFA) and how it can be used to improve the network security. MFA is a process that requires more than one form...
How to Check if a Digital Certificate is Revoked
A critical component of EAP-TLS certificate-based authentication is properly managing certificates, which includes confirming that they have been properly revoked AND placed on the list of revoked certificates so the...
How to Set up Device Identification in Defender for Cloud Apps
Want better visibility and control on all devices in your network for efficient device management? Try Defender Device Management with us.
WPA2-PSK is Not Good Enough
In this day and age, employees are accessing their corporate resources wherever they can get a strong wireless signal, whether it be a public hotspot, an airport, or a friend’s...
Why NTLM Authentication is Vulnerable
One of the biggest problems with Windows environments is the insistence to continue to build upon older systems despite the emergence of cloud solutions. Attackers can easily gain access to...
Everything You Need to Know About PEAP Security
Since most transactions and communication are done over networks today, the security of these networks can’t be overlooked. Securing your network connections has never been more critical, as the data...
Does Rotating Preshared Keys Improve Security?
Wifi Protected Access 2 – Pre-Shared Key (WPA2-PSK), a wireless security standard from 2004, is still used by many organizations today. And although it’s safer than its predecessors, WPA2-PSK relies...
OCSP vs CRL: The Best Bet To Revoke Certificates In A PKI
OCSP support is not included in the current roadmap of SecureW2 for some key reasons. Here’s a brief overview of your options for certificate revocation: What is OCSP OCSP stands...
A Guide To Client Certificate Mapping In Active Directory
Certificate mapping, in a general sense, refers to the tying of an identity to an X.509 digital certificate. In practice, the term is mostly used in the context of Microsoft’s...
A Guide To Configure Certificates In Your Yubikey PIV Slots
Physical security tokens like the Yubikey have smartcards that can be configured to store several certificates, the quantity of which depends on the specifications of the secure cryptoprocessor at the...
How To Renew SSL and Client Certificates For Secure Network
Automate certificate distribution and lifecycle management with industry best managed PKI solution. Continue reading to know more.
What is WEP Security?
As we all know, wireless networks simplify numerous business procedures while providing trustworthy security. As a result, a user must be familiar with wireless networks and how they might facilitate...
Preventing Man-in-the-Middle (MITM) Attacks: The Ultimate Guide
A man-in-the-middle (MITM) attack is an incredibly dangerous type of cyber attack that involves a hacker infiltrating a private network by impersonating a rogue access point and acquiring login credentials....
Best Practices for Storing X.509 Private Keys
X.509 certificates play a crucial role in guaranteeing the authenticity and integrity of communications. However, organizations that rely on the security provided by certificates also need to address a concern:...
Guide to AD CS Policies and Enforcement
What is AD CS Used For? Active Directory Certificate Services (AD CS), a Windows server software solution, is used for issuing and managing x.509 digital certificates and provides Active Directory...
What is PKCS11?
High-profile data breaches from major organizations such as Equifax, Solar Winds, and even the White House have pushed network security into the forefront of the public eye. One method of...
Can I Use Let’s Encrypt for an Enterprise?
When it comes to accessible Certificate Authority (CA) solutions that are easily available and free, Let’s Encrypt is second to none. They’ve enabled countless people and organizations to enable certificate-based...
How to Configure Azure AD CBA
With the introduction of Azure AD CBA, Microsoft has taken steps to move past using passwords - and your organization can, too.
Top 3 Ways To Troubleshoot Common Okta Certificate Errors
Okta is one of the leading Identity and Access Management (IAM) service providers for enterprises around the globe. Okta supports binding identities to digital certificates, but you might encounter one...
Certificate Management Guide For Google Workspace
Google Workspace is one of the most common Identity Providers used by enterprises today. The Google ecosystem includes a number of easy tools organizations can use in their daily operation,...
Attack Vectors That Leave Your 802.1X Network Vulnerable
When used correctly, 802.1X authentication is the gold standard for network security. However, even seasoned IT professionals fail to recognize some key points of attack. If they are left unchecked,...
Troubleshoot Okta RADIUS Internal Server Error
Okta is one of the leading Identity and Access Management (IAM) service providers for enterprises around the globe. They provide a great user experience, but sometimes you might encounter some...
Guide: How To Build A PKI Certificate Authority
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates. A digital certificate certifies the ownership of a public key by tying it cryptographically...
Overview: Root And Intermediate Certificates
One of the main problems in online communication is trust. Let’s say you communicate with your bank through their website: how can you be sure the bank’s page is real...
Configure Okta Client Certificate Authentication
In this article, you can learn integrating digital certificates with one of the leading identity providers, Okta.
X.509 Digital Certificates Explained
In order to run a certificate-based network, admins need to understand how to create and configure X.509 certificates. X.509 is a cryptography standard for defining a public key certificate. X.509...
Analysis Of Windows On-Premise vs. Cloud PKI Servers.
The definition for a Public Key Infrastructures (PKIs) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
Complete Guide to iOS 802.1X
Securely connecting iOS devices to a network can be a difficult task, especially since the Covid-19 pandemic sped up the inevitable rise of hybrid work environments. Network security must be...
Best Practices for Certificate Authority Management
An ever-growing trend in authentication cybersecurity is the replacement of credential-based authentication with certificates. Credentials are simply incapable of protecting a secure network. According to the 2019 Verizon Data Breach...
AD CS Certificate and Security Configuration Exploits
Active Directory Certificate Services (AD CS) is a critical platform in cybersecurity, providing infrastructure for managing certificates within an organization. At the heart of AD CS lies the Public Key...
The Four Stages of a Certificate Lifecycle
Digital certificates are electronic credentials that are used to authenticate the identities of individuals or devices using a particular network. It’s helpful to think of certificates with similar functionality as...
A Comprehensive Review of Certificate Pinning: The Challenges and Alternatives
While digital certificates undoubtedly provide a more secure authentication method than passwords, some organizations still fear the possibility that certificates can be issued to unauthorized parties. Certificate pinning is a...
[Solved] Enterprise PKI OCSP Error
Certificate Management has emerged as one of the better alternatives to avoid the vulnerabilities of credentials in modern-day cyberspace. Here’s a recent incident of a high-profile data breach involving credentials...
Public Key Infrastructure- A High-Level Overview
Digital signatures are pivotal to cybersecurity. They offer a robust mechanism to verify the authenticity and integrity of a document or message. Imagine sending a handwritten letter; your signature assures...
Public vs Private Certificate Authority
Certificate authorities (CAs) play a critical role in securing digital communications and data exchange. Organizations must choose between public and private CAs based on their unique security requirements, use cases,...
Smart Cards for Identity Authentication and Access Security
Smart cards, occasionally called chip cards or integrated circuit cards (IC or ICC), are a broad family of physical electronic authentication devices. More practically, they’re physically-secured microprocessors used to control...
How to Enable Windows Machine Certificate Authentication
Whether you use Windows, macOS, or any other operating system, deploying digital certificates for your device can be the most impactful step to strengthening your network security. Digital certificates use...
How to Generate Root & Intermediate CAs
With 10 million attacks targeting usernames and passwords occur every day. it’s not a bad idea to drop passwords wherever possible. A proper PKI allows your network to utilize certificate-based...
Windows Defender Credential Guard and PEAP MS-CHAPv2
In today’s evolving world of cybersecurity, protecting data and user credentials is of utmost importance as it is the biggest threat to an organization’s security. Microsoft has implemented two security...
Active Directory Certificate Services (AD CS): Explained
There are many components involved in running a certificate-based network. You need to establish trusted servers and certificate authorities (CA), make sure devices can enroll for certificates, authenticate users, manage...
What is RSA Asymmetric Encryption? How Does it Work?
Encryption is the systematic process of converting plain, readable information, or data, into an unreadable format to prevent unauthorized access. This process is achieved by implementing a set of rules...
High Level Comparison Of User Certificate vs. Device Certificate
The popularity of digital certificates has been soaring day by day with the advancement of cloud technology. It has already replaced the traditional usage of credential-based protection in various IT...
Internal Or External CA- The Best Bet For Your Organization?
Public Key Infrastructures (PKI) are widely used by organizations because they secure communications among servers and clients with digital certificates and certificate authorities (CA). Certificates are a combination of cryptographic...
SHA-256 vs. SHA-1: Which Is The Better Encryption?
Sending information in clear text over the air is a tremendous risk in today’s complex cybersecurity environment. Hackers constantly evolve attack vectors to target sensitive data in transit, but encryption...
Your Guide To Renew Certificates On Microsoft CA
Organizations can leverage digital certificates to build a robust network, as certificates use public-private key encryption to encrypt information sent securely over-the-air. Managing digital certificates for a smaller organization is...
MAC Spoofing Attacks Explained: A Technical Overview
New cyberattacks and breaches are reported every day in our news feeds. Cybercriminals target people as well as large corporations and other businesses. One of the many techniques hackers employ...
SCEP( Simple Certificate Enrollment Protocol): A Complete Guide
Distributing certificates to managed devices can be a monumental task with a lot of moving parts that need to be accounted for: PKI integration, establishing a gateway, configuration policies, certificate...
AD CS Certificate Templates: Security Best Practices
Microsoft AD CS allows administrators to establish their domain’s CA to deploy a digital certificate with Microsoft PKI Infrastructure. To properly run their PKI infrastructure and after establishing their hierarchy, administrators...
Certificate Signing Requests: Explained
X.509 digital certificates use the X.509 Public Key Infrastructure (PKI) to certify a public key to a user, device, or service identity embedded in the certificate. A PKI encapsulates the...
Resolving SCEP Certificate Enrollment Initialization for Workgroup Error
Utilizing MDMs to establish a highly secure environment is an excellent safeguard for mitigating user error risks and developing consistency in device management. This common practice amongst enterprises is a...
Configuring SCEP Profiles in Intune: A High-Level Overview
Nowadays, network admins have started to come around to the benefits of digital certificates, which is a justified response given the superior cryptographic protection compared to traditional passwords and usernames....
How To Revoke Certificate in Windows (AD-CS)
Digital Certificates are an integral part of a Public Key Infrastructure (PKI) and cybersecurity as a whole. The certificates can encrypt communications and authenticate the identity of users and machines....
How Does SSH Certificate Authentication Work?
Secure Shell (SSH) certificate authentication provides a robust method for authenticating users and hosts connecting to an SSH server. As a protocol, SSH prevents unauthorized parties from accessing systems remotely....
Understanding Mutual TLS (MTLS) Authentication: How It Works
Mutual TLS, or mTLS, is a trending talk of the town, especially regarding cryptographic encryption in general. Since you’re here, there’s a good chance you’re concerned about the network at...
Network Segmentation Best Practices
VLANs are a great way to increase security because they reduce the risk of threats spreading throughout the network. A threat can quickly move around the network if users/devices are...
Smart Card Authentication with Active Directory
Chances are, your work requires you to have logins and passwords for multiple resources. On top of that, you probably have to update your password regularly, ensuring that each new...
How to Build and Set Up Your Own PKI
A Managed Public Key Infrastructure (PKI) is a vital part of any comprehensive network security strategy. It allows you to use digital certificates for authentication, a form of credential that’s...
802.1X EAP-TLS Authentication Flow Explained
For many organizations, the IEEE 802.1X authentication mechanism for Port-Based Network Access Control is the first line of defense against outside attack. It’s also one of the most commonly targeted...
WPA3: The Ultimate Guide
The network type Wi-Fi Protected Access (WPA) has been upgraded once since its inception in 1999. In 2004, it was replaced by WPA2, which has stood as the standard for...
Android 11 Server Certificate Validation Error and Solution
*Updated Feb 2021 The dust has settled on the Dec 2020 Android 11 update and, for better or worse, the effects on network authentication have not been as drastic as...
Should WPA2-Enterprise Be Used For My Home Network?
Securing home wireless networks has never been as important. An increase in remote work requires more people to handle sensitive business data at home. On top of this, our lives,...
How to Use IEEE 802.1x Authentication for a Wired or a Wireless Network
IEEE 802.1x authentication is a standard for port-based network access control. It essentially requires devices to authenticate themselves before gaining access to network resources. This standard is versatile, working seamlessly...
What Are Wildcard Certificates?
SSL certificates (Secure Sockets Layer) and their successor TLS certificates (Transport Layer Security) are critical for establishing secure communications over the Internet. They authenticate the identity of a website and...
What is a Hardware Security Module (HSM)?
Data security has never been more critical. Hardware Security Modules (HSMs) are pivotal in safeguarding the cryptographic infrastructure of numerous global enterprises. HSMs have come a long way, from niche,...
4 Ways to Secure Wi-Fi Connectivity
Wi-fi networks are ubiquitous as more and more users connect to networks remotely for work, access data and applications, and manage IoT devices. As their popularity grows, so do the...
What is a PKI Token?
Today’s world relies heavily on online interactions, such as collaborating with family, friends, and colleagues on social media or checking our bank accounts. However, this ease of use raises security...
Understanding PKI Certificates
Imagine conducting important business online without identifying the person you’re interacting with. It would be like handing sensitive documents to a stranger on the street; every login would be risky....
Mitigate the Risks of a Pre-Shared Keys-Based Network
Wi-Fi security is designed to safeguard data as it traverses the airwaves in wireless networks. Wi-Fi Protected Access (WPA) emerged as a response to the glaring deficiencies of its predecessor,...
Everything You Need to Know About SecureW2 Deployment
Relying on passwords alone to safeguard access to your resources (including Wi-Fi, applications, and email security) is no longer secure. Cyber attacks designed to harvest credentials become increasingly complex by...
A Deep Dive into PKI Certificates
Corporate data, social media pages, applications, and user data are crucial assets of an organization, and any theft or misuse of these could lead to huge financial losses. They not...
What is WPA Authentication?
The ubiquity of Wi-Fi networks in today’s world has made them popular targets for cyberattacks, especially if they rely on vulnerable mechanisms like passwords. In a 2021 study, security researchers...
Introducing WebAuth Wi-Fi with Cloud IDPs
It’s no secret that open Wi-Fi networks are infamously insecure, and Pre-Shared Key (PSK) networks aren’t much better. If you tie your organization’s Wi-Fi to a single password and more...
WPA3 vs WPA2: What’s the Difference?
The standards used to protect wireless/Wi-Fi networks have evolved over the years to keep up with emerging threats and protect sensitive data. WPA2 and WPA3 are some of the more...
How To Prevent Man-in-the-Middle Attacks
Man-in-the-middle attacks (MITM) or on-path attacks are becoming common and complex. Organizations are putting in a lot of effort to mitigate these risks to no avail. Phishing kits are freely...
Risk of Public Wi-Fi
Public Wi-Fi is any network other than your home or work network and is commonly found in places such as airports, malls, coffee shops, hotels, and restaurants. It allows users...
What is Secure Sockets Layer (SSL)?
Security over the internet has drastically improved in the few decades that the internet has been widely available. The average user doesn’t realize how much goes on behind the scenes...
Transport Layer Security (TLS) Explained
Protecting and encrypting communications online is vitally important as there are countless attempts made daily to intercept them for nefarious purposes. From securing a bank transaction to protecting an authentication...
What is a PKI (Public Key Infrastructure)?
The use of a Public Key Infrastructure (PKI) by an organization demonstrates a dedication to cybersecurity. It enables passwordless authentication, encrypted communication, and it has been listed by organizations such...
Layer 2 Attacks that Defeat PSK Networks
Move away from traditional PSKs to digital certificates and protect your network from Layer 2 attacks. Know more here!
Passwordless Authentication: Explained
Do you want to move to effective Passwordless authentication solutions? Read to find out how a robust passwordless solution can enhance your network's security.
Securely Eliminate MFA with Azure AD CBA
Hackers acquired the personal data of over 37 million T-Mobile users, including names, dates of birth, Social Security numbers, and driver’s license information, in a recent incident that featured a...
Using Certificates for Granular Application Access with Microsoft Defender
The cloud presents an enticing opportunity for businesses – it makes important resources available anywhere, allows them to offshore the cost of storage, and can even save them on hardware...
How Digital Certificates Enable Secure Single Sign-On (SSO)
Users in an organization typically need access to many applications to assign and complete their tasks, access email, write code and communicate with each other. Multiple apps require multiple sets...
How to Set Up Passwordless Authentication on Chromebook
Many enterprises are planning to shift towards passwordless authentication for their managed Chromebooks. Passwords have been proven to be a weak form of security, so it’s in everyone’s best interest...
Auto-Enrolling Certificates in Jamf
Digital certificates have become the backbone of safe access in Apple environments, and Jamf is still the top platform for managing Macs, iPhones, and iPads at scale. By integrating Jamf’s...
Why a Managed PKI (MPKI) is Probably Right for You
If you’ve decided to make the move to secure certificate-based authentication, one of the first things you need to figure out is whether you’re going to build your own Public...
How To Utilize PKI Certificates
Using a Public Key Infrastructure (PKI) is a great step for any organization choosing to prioritize their network’s security. The primary purpose of a PKI is to manage the public...
5 Reasons AD CS Is Not A Complete PKI
Credential-based authentication is the most common form of authentication that everyone is accustomed to. But with most decades-old technologies, credentials are woefully ill-equipped to face modern security threats. While multi-factor...
3 Hidden Costs of an On-Prem CA
A certificate authority is a requirement for many organizations, whether for customer-facing products or internal security protocols. One of the first decisions to make regarding a Public Key Infrastructure (PKI),...
What is Certificate Revocation?
The average number of certificates an organization needs to manage grew 43 percent in 2020, so having a good certificate management system is paramount to success for any enterprise. SecureW2’s...
How to Setup Microsoft Enterprise PKI
The definition for a Public Key Infrastructures (PKI) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
A PKI is the Foundation for Zero Trust Network Security
The IT industry is evolving rapidly, with new technologies, devices, and systems introduced regularly. Organizations are regularly having to update and upgrade their environments regularly to keep up with the...
Managed Certificate Authority Services
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates. These certificates cryptographically tie an identity to a public key, ensuring that individuals online...
What is a Microsoft Certificate Authority?
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates to devices. They assist in validating the identities of websites, individuals, and devices before...
How to Run Your Own Certificate Authority
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates to devices. A digital certificate certifies the ownership of a public key by tying...
G Suite + FreeRADIUS for WiFi Authentication
IT experts are stressing network security now more than ever, especially considering the massive amount of revenue loss that can occur with a security breach and how 10 million attacks...
SSL vs. TLS Certificates
One of the most important security precautions for any customer-facing organization is to ensure data sent between the two parties is protected from outside attacks. Without data integrity, customers or...
Okta Smartcard Authentication Expanded
Okta is a popular choice for organizations that want top-of-the-line cloud identity management. It’s one of the largest identity providers with a modern cloud directory and a plethora of handy...
AD DS: Explained
The purpose of online directories is to store resources on the network in a way that it’s simple to access. Microsoft’s Active Directory (AD) has risen through the ranks to...
Can I Use NPS with Cloud Directories?
The RADIUS protocol is used by thousands of organizations to protect their networks. Network admins set up RADIUS servers to verify approved network users, drastically reducing the risk of a...
Strong Network Security with Azure
Azure AD is a highly effective IDP that was built as a successor to Active Directory (AD) to accommodate newer, cloud-centric organizations. AD does not work natively in the cloud,...
PKI Delivery Software for Every Device
While the advantages of certificate-based authentication over credential-based are well documented, many still experience the barrier to entry of provisioning devices with certificates. This is certainly a valid concern for...
Enable Secure Wi-Fi with AD CS
In an age where people have migrated to conducting business online, organizations must ensure their Wi-Fi networks are protected from outside threats. Cyber attacks, including the infamous man-in-the-middle attack, prey...
Can I Use Passpoint with Google Workspace
Passpoint is the premier tool for ensuring your users have network access while roaming, but it can be a little difficult to deploy. Fortunately, SecureW2 has a solution that integrates...
Creating Private Certificates Authorities for Internal Use
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates to devices. These certificates cryptographically tie an identity to a public key, ensuring that...
Managed PKI VS Private PKI
Deciding between a managed PKI and a private PKI is a difficult decision. Each method of PKI management has advantages and disadvantages, and if you’re coming from a place of...
Top 4 Managed PKI Use Cases
A Managed PKI is a vital part of any comprehensive network security strategy. It allows you to use digital certificates for authentication, a form of credential that’s much more secure...