Instrument Case Study

Instrument

Case Study

Moving to SecureW2 allowed us to not only get rid of our on-premise servers, but it tied RADIUS and PKI Services to make things super manageable and affordable.

Instrument is an independent digital creative agency with offices in Portland, Oregon and New York City. They launch brands, products, campaigns, and interactive experiences through many different mediums to a large variety of clientele.

Following a recent expansion to New York, the networking team was looking for a way to use 802.1x wireless to connect new devices without the hassle of installing a new and costly on-premise server. With the transition to cloud-based servers becoming the norm in the industry, the networking team made it a point of emphasis to formulate a cloud-centric approach to their problem.

The networking team initially tried implementing 802.1x with Foxpass, but they weren’t given the support that they were looking for and struggled to implement EAP-TLS certificate authorization as a result.

Investigating the Solution

Instrument had been issuing certificates with an on-premise directory server for their Portland office. Rather than finding a way to tie the on-premise server with another one for their New York office, the network team attempted to find a cloud-based solution.

We had initially tried out Foxpass, but it wasn’t giving me the EAP-TLS, certificate-based authorization that I wanted.

They learned about Foxpass and SecureW2 through the Mac Admin Slack community and decided to first give Foxpass a shot. The first transition to Foxpass worked well, but Instrument’s employees were forced to use password-based authentication, which is far less secure than certificate based-authorization.

Foxpass also didn’t offer a PKI solution that they deemed suitable for their needs. They attempted to remedy this by creating and implementing their own PKI to work in tandem with Foxpass. Their PKI solution proved to be more harm than good as the IT department, which consists of three people, simply didn’t have the time needed to maintain a PKI of the size that they required.

“To be honest, I didn't have the time nor a lot of the incredible expertise in setting up, maintaining, and securing the key infrastructure” said Brent, an IT representative.

The time saving and the ease of deployment were far and away better with SecureW2.

Furthermore, Instrument wanted the ability to integrate with Jamf for automatic enrollment based on a managed and trusted device, which Foxpass could not offer either.
In order to fulfill all requirements that Instrument was looking for, they needed:

  1. An easy to use PKI infrastructure.

  2. Simple integration with Jamf.

  3. A cloud based solution to tie security from their Portland and New York offices.

Implementing The Solution

With the new system in place, Instrument has enjoyed the ease and simplicity of a cloud-based network that allows both offices to be integrated with one another.

I came into the conversation with SecureW2 thinking about security. But after seeing how easy it was to deploy, realized this is going to be not only more secure, but it’ll be way easier

The use of EAP-TLS, certificate-based authentication has also eliminated all the headaches associated with passwords. Brent states that “nobody talks about their Wi-Fi password anymore. It’s just assumed that it’s going to work.” Compare this to before SecureW2; if an employee forgot a password, IT was forced to reset the password for the entire directory.

The misconception about the difficulty of setting up EAP-TLS has turned away some in the past, but in reality, it can be a simple process with the proper PKI. EAP-TLS offers the highest level of security, and SecureW2’s JoinNow Suite makes the authentication process quick and easy. Our cloud-based solution allows organizations like Instrument to get rid of pricey on-premise servers to reduce cost and increase efficiency.

The support was amazing. And it still is amazing. I would definitely recommend it.

Whether you are using managed devices or BYODs, SecureW2 can help streamline your networks’ onboarding process and provide you with amazing support to ensure any questions you have regarding your network are answered.