Global Fintech Leader Switches All Devices to EAP-TLS with SecureW2
In December 2018, the company contacted SecureW2 to help set-up an EAP-TLS cloud environment for their network. The entire PKI was set up from scratch after just a few phone calls.
The organization currently has 1,200 devices enrolled with certificates and a fully capable BYOD system enabled with certificate self-enrollment.
As an expanding company, the organization was seeing its number of employees increase dramatically. They had a small team that was in charge of their network security that eventually wanted to move away from their Pre-shared key (PSK) authentication method. “With each new employee, we knew that we could expect at least one new password-related issue, it got to a point where we knew something had to change.” Chris, the Senior Information Security Specialist said.
Chris and his team decided they wanted to go with 802.1X EAP-TLS authentication, in order to get rid of passwords and take advantage of certificates. “We knew we wanted to use certificates, but were hesitant to make the transition because we have different kinds of managed devices running on different operating systems, and from what we knew it would be a big hassle getting them all enrolled.”
The company knew that a requirement for all WPA2-Enterprise networks is the use of a RADIUS server. They initially wanted to get an on-premise server to leverage their new network security, but after some research found it was too expensive a solution, the IT administrator explained, “We didn’t initially realize how hands-on the process of getting an On-Site RADIUS was and we were having a hard time justifying the enormous cost in maintenance.”
Eventually, they decided they needed their solution to work in a cloud environment in order to reduce the costs associated with on-premise infrastructure.
Lastly, the company has a number of printers with access to their network, so they needed a way to ensure no bad actors could use one as an attack vector. To ensure a completely secure network, they wanted a way to enroll their printers for certificates as well.
The customer evaluated several 802.1X solutions and found that SecureW2 offered the best solution for their needs based on capabilities, managed services, and affordability.
Chris explains, “After taking a look at different SaaS RADIUS solutions, we saw that SecureW2 was the only platform that met all of our specific needs. They have met all our expectations and then some. Anytime we have a question or need a new feature, their support team has always been right there to help.”
SecureW2’s Managed Device Gateways for certificate auto-enrollment has made certificate distribution for users a breeze, as they quickly enrolled over a thousand devices in just a few weeks.
After getting started with SecureW2, the COVID-19 pandemic forced most of the customers’ employees to start working from home. The company needed a way to ensure their data remained safe even when away from the office. They used SecureW2 to enroll end-users with certificates to access their VPNs, now over 1,000 employees are able to securely access company data. Some other notable advantages the customer has enjoyed are:
- A massive reduction in password-related help-desk tickets.
- Easy certificate enrollment for IoT devices such as their printers.
- An easy-to-manage certificate portal with a complete graphical user interface.
With a completely cloud-based network and a fully functional PKI, the client is ready for any potential threat. They are currently transitioning to a more Okta based environment and can rest easy knowing they’re Okta directory is easily integrated with SecureW2.
The customer is moving towards a zero-trust network and is pushing to use certificates wherever possible to reinforce their security and move away from insecure passwords.
The firm has reached the point where they aim to use certificates wherever possible to strengthen and mature their security by completely moving away from passwords.
This company was one of the founders of an emerging industry that uses technology to improve activities in finance. They help start novices on the path to financial freedom with consulting, tips, and east-to-use applications.