Configure Google SCEP Certificate Automatic Enrollment Profiles
Certificates are far superior to credentials and mitigate many of the vulnerabilities associated with pre-shared keys. They enhance the user experience by facilitating network access and removing password-related friction induced...
The Password That Collapsed a Company: What We Can Learn from the KNP Logistics Ransomware Attack
“A ransomware attack on the group’s IT systems had such a devastating impact that the group concluded it could not continue to trade,” – BBC KNP Logistics (formerly known as...
5 Million Unsecured Wi-fi Networks: Why We’re Still Failing at Basic Network Security
As of 2025, more than 5 million unsecured Wi-Fi networks are active worldwide. Schools, hotels, small businesses, and even enterprise guest networks continue to rely on open or shared-password Wi-Fi....
What is the difference between MITM and AITM?
A traditional Man-in-the-Middle (MITM) attack primarily involves an attacker passively intercepting a communication channel to eavesdrop or steal static credentials, such as passwords. The Adversary-in-the-Middle (AITM) attack takes this a...
Passwordless Magic Link Authentication: Explained
Want to know how magic links work? Read on to know more about magic links other passwordless authentication methods for network security.
How to Use Yubikeys for VPN
Yubikeys are a useful and secure tool for protecting yourself from data theft. They add a layer of authentication and can be used with other authentication methods to further protect...
Deploy Yubikeys For Secure Wi-Fi in WPA2-Enterprise Network
Security keys are useful tools for hardening your devices with an additional factor of authentication. Did you know that same protection can be extended to your network? SecureW2, a Yubico...
5 Ways to Protect iOS Networks From Password Sharing Risks
If you are an Apple device user, you must know about the Airdrop feature, which lets you share files. You can also use the Airdrop feature to share your WiFi...
WPA2-Password Safety In An Enterprise Network
When you try to connect to a Wi-Fi network and are asked for a password, do you ever find it hard to figure out what to do? You’re not by...
Can you Authenticate RADIUS with YubiKeys?
As YubiKeys achieve widespread adoption, the industry keeps finding more and more uses for the powerful little device. One of the more interesting use cases for YubiKey is AAA/RADIUS authentication....
Microsoft Intune Enterprise Wi-Fi Profile Best Practices
Microsoft Endpoint Manager (Intune) is a stellar MDM that we frequently encounter in managing managed devices, especially when the enterprise size is large, and we need to have centralized control...
EAP-TLS Explained: How It Works and Why It’s Secure
Extensible Authentication Protocol–Transport Layer Security (EAP-TLS) is an IETF open standard defined in RFC 5216. More colloquially, EAP-TLS is the authentication protocol most commonly deployed on WPA2-Enterprise networks to enable...
How Does Wi-Fi Certificate Authentication Work?
Wireless network security is of the utmost importance in the rapidly evolving digital world. Wi-Fi certificate authentication has become a vital option that not only makes networks safer but also...
JAMF vs. Kandji: Apple MDMs compared
Read and compare JAMF and Kandji as Apple MDM solutions here.
How to Set Up Passwordless Authentication on Chromebook
Many enterprises are planning to shift towards passwordless authentication for their managed Chromebooks. Passwords have been proven to be a weak form of security, so it’s in everyone’s best interest...
Identifying Network Issues with 802.1X
Open SSIDs don't offer the degree of troubleshooting visibility 802.1X does. Here's how 802.1X helps you troubleshoot network issues.
Enrolling Devices for Certificate Auth for OneLogin Device Trust
Amidst uncertainties in times of war, hackers have frequently upgraded their attack modes and penetrated almost every industry you can think of. The Australian cyber-security head has admitted reporting one...
What the Windows 11 TPM Requirement Means for Microsoft
Cyberspace is a rapidly evolving world, and in order to keep up with the pace, tech organizations must evolve at a similar speed. The cyber performance enterprise Riverbed recently analyzed...
Google Cloud Certificate Authorities Service Alternative
The digital world has been on a growth spurt for the past few years as more and more devices have come into being. An average user has at least two...
Device Authentication with User Attributes for Cloud Directories
When users and devices authenticate to your network, you should ideally have as much information from them as possible to make context-rich security decisions. Certificate-based authentication (CBA) empowers administrators to...
Digital Signatures: Explained
An effective Zero Trust architecture is built on a foundation of identity context. Digital signatures support a Zero Trust initiative by cryptographically assuring the identity of the signee, answering questions...
The Anatomy Of An X.509 Digital Certificate
Digital certificates are frequently used in the online world as a means of identification. The information embedded in the certificates lets anyone verify the identity of an entity with the...
Cloud-Hosted LDAP is Vulnerable with Credentials
Organizations are always looking for a new strategy to increase the convenience of using their network without compromising security. As a result, many have sought out cloud solutions. Read here...
Can I Use Google Secure LDAP for Wi-Fi?
LDAP’s importance cannot be denied. As a protocol, it has greatly simplified the directory search process. Unfortunately, as time goes on, LDAP has begun to grow outdated, especially given its...
Why a Managed PKI (MPKI) is Probably Right for You
If you’ve decided to make the move to secure certificate-based authentication, one of the first things you need to figure out is whether you’re going to build your own Public...
Can PKI Replace Passwords?
There is a new trend that’s taking the IT world by storm: Passwordless Authentication. NordPass estimates that the average user has between 70 and 80 passwords. That’s why people so...
Combining FIDO2 and PKI: Supporting All Your Applications
The world of IT is constantly evolving. This is true due to both advancements in technology and the emerging remote work landscape of the world. Remote work is now commonplace...
How To Utilize PKI Certificates
Using a Public Key Infrastructure (PKI) is a great step for any organization choosing to prioritize their network’s security. The primary purpose of a PKI is to manage the public...
How to Address MAC Randomization for Cloud Networks
Mac Address Randomization is an increasing trend among device manufacturers that are quickly becoming the industry standard. While it can help in reducing the risks of data breaches and spying...
Top 4 Network Security Tips for Returning to School
The rapid and unexpected transition to remote learning led many schools to scramble for solutions to a new teaching experience. This led to many schools being forced to stretch their...
Google Workspace Network Security Best Practices
Considering the massive amount of revenue loss that can occur with just a single security breach and the continued prevalence of cyber attacks, organizations need to be emphasizing network security...
Should I Bind Non-Windows Devices to Active Directory?
Digital certificates are starting to take over as the preferred method of network authentication because of their proven superiority to passwords in security and user experience. Many organizations are wanting...
Comparing: OAuth, OpenID Connect, and SAML
Properly protecting a network requires administrators to make numerous decisions about their security. Knowing what protocol or system to implement at what stage is paramount to network safety. With Cybercrime...
OAuth Vs. OpenID? Which is better?
Authorization and authentication processes need to be more solid and safe than ever. OAuth and OpenID are two well-known names in this field. Before we get into the OAuth vs....
Using Object Identifiers In PKI Management
Management of a PKI can be a full-time task for an IT team. Ensuring network users are able to authenticate to a secure network, easily maintaining their network identity, providing...
Configuring MFA with AD FS
It’s widely held knowledge that using a single factor for authentication to wireless networks is less than secure and easily exploitable by hackers. Many organizations recognize this and utilize Multi-Factor...
Tying IP Addresses to Azure Active Directory Users
Effectively tracking and managing identity context is one of the most important aspects of a secure Azure-based network. Without accurate identity context, it’s near impossible to determine if someone is...
Everything You Need to Know About FIDO2
Security Keys are a method of authentication that is becoming increasingly more commonplace due to the additional layer of security they provide. They are a versatile security component that can...
I Have Active Directory, How do I Move to the Cloud?
It’s no secret that organizations are making the transition to cloud-based network environments. This is especially true considering the dramatic increase in remote work due to the global pandemic. Network...
Zero Trust Strategy Best Practices With AD CS
Zero trust is a burgeoning security practice among cybersecurity-focused organizations. The main concept behind zero trust is limiting a user’s resources to only what they need access to. For example,...
Private Key Attestation on macOS
Key attestation is a necessary part of creating valid X.509 digital certificates. Asymmetric cryptography requires that the client be able to prove its identity by attesting to the secure creation...
The NPS Extension for Cloud Authentication
Authentication security is an incredibly diverse field with countless options for organizations to choose from. How to authenticate your users to a secure network is a difficult decision to make...
3 Hidden Costs of an On-Prem CA
A certificate authority is a requirement for many organizations, whether for customer-facing products or internal security protocols. One of the first decisions to make regarding a Public Key Infrastructure (PKI),...
How To Use Google Wi-Fi Without Active Directory and NPS?
While technology changes rapidly, one constant is the use of Google and its spread across all facets of business technology. But how people connect to Google services and how they...
Simplify Certificate Enrollment with AD CS
Many organizations recognize the inherent cybersecurity weakness of credential-based authentication and have made the switch to certificates as a result. The decision to move away from reliance on credentials is...
What is OpenXPKI?
Deploying digital certificates for internal and external use is a growing trend throughout countless industries. Of course, as more people convert to using certificates, they find that using the proper...
The Best Private CA / PKI Service
The use of certificates for network security is rapidly increasing due to their superiority over all other authentication methods. They’re incredibly versatile and can enable authentication customization that far surpasses...
Issuing Certificates to Corporate-Owned Devices with Okta
Large organizations face a common problem when it comes to authentication: managing a variety of credentials for an assortment of different web applications. Each different application requires a unique set...
What is Certificate Revocation?
The average number of certificates an organization needs to manage grew 43 percent in 2020, so having a good certificate management system is paramount to success for any enterprise. SecureW2’s...
A PKI is the Foundation for Zero Trust Network Security
The IT industry is evolving rapidly, with new technologies, devices, and systems introduced regularly. Organizations are regularly having to update and upgrade their environments regularly to keep up with the...
Top 3 Pitfalls of Authenticating with OAuth
What is OAuth? Let’s demystify OAuth by starting with a definition. At its core, OAuth provides clients secure access to a server’s resources on behalf of a resource owner. OAuth...
Managing an Internal CA
When considering the failures of credential-based authentication, it’s no surprise that many security-conscious organizations have been upgrading to certificates for authentication. One of the benefits of certificates is the flexibility...
Managed Certificate Authority Services
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates. These certificates cryptographically tie an identity to a public key, ensuring that individuals online...
How to Configure Azure AD Attributes on Certificates
Attribute mapping in Azure AD (Microsoft Entra ID) is easier than you might think. With a simple SAML application, you can use customizable Azure attributes to enforce dynamic policy options...
Using Okta to Implement Zero Trust Network Access
Zero Trust is a cybersecurity concept that is being implemented by many security-conscious organizations to combat the external and internal threats they face. At its core, the purpose of Zero...
How to Run Your Own Certificate Authority
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates to devices. A digital certificate certifies the ownership of a public key by tying...
G Suite + FreeRADIUS for WiFi Authentication
IT experts are stressing network security now more than ever, especially considering the massive amount of revenue loss that can occur with a security breach and how 10 million attacks...
Managed PKI Solutions for Active Directory Certificate Services
Investing in a Public Key Infrastructure (PKI) for your 802.1x network is the single best decision you can make to improve your network. The hardened security and improved user experience...
Best Cyber Security Practices for MSPs
Over 30 millions businesses have fewer than 1,000 employees and many don’t have the IT budget to provide effective network security. Managed Service Providers (MSP) are a godsend for small...
How to Choose a Managed Cloud PKI
As cloud technology and reliability continue to surpass their on-premise counterparts, more than 50% of organizations have made the switch to managed cloud PKI or plan to soon. If your...
YubiKey PIN/PUK Configuration at Scale
Yubikeys are an all-in-one MFA device. In addition to serving as a physical authentication token, they can generate one-time-passwords (OTP) and require users to input a PIN. It’s quite difficult...
Enhanced Azure Authentication with Yubikey
The cross section of organizations that use Azure AD (Microsoft Entra ID) for identity management and Yubikeys for MFA is already sizable and growing by the day. Recent advancements in...
Are Passwords Secure?
Credential-based authentication is the method nearly all network users are used to and has been a common tool for decades. But unlike other decades-old technology, passwords have not been phased...
Mobile Authentication with 802.11u
As mobile device users continue to expect stronger roaming connections and faster data speeds, Wi-Fi Alliance developed PassPoint to meet these high standards. It allows users to easily transfer from...
Can I Use Passpoint with Google Workspace
Passpoint is the premier tool for ensuring your users have network access while roaming, but it can be a little difficult to deploy. Fortunately, SecureW2 has a solution that integrates...
Can I Use The Okta RADIUS Agent For My Wi-Fi?
An Okta RADIUS server agent is a lightweight program that runs as a service outside of Okta. It is usually installed outside of a firewall which gives Okta a route...
Passpoint r1 & r2 Compared
Enabling an online connection while users are away from their home networks has been a challenge for those that want a complete and efficient system. The use of mobile data...
How To Address America’s Ransomware Threats
Over the course of the 2010s, ransomware attacks on city and state governments have increased in number and effectiveness. The lack of proper cybersecurity measures has highlighted a weakness in...
PPSK Is Not an Alternative to 802.1x
Believe it or not, the aging WPA-Personal protocol has seen some innovation in the past few years. Several companies have developed unique PSK authentication protocols with varying names, though “Private...