Back to customer stories
Customer story

Centralized enrollment and authentication of Microsoft Intune-managed devices

Erie_1_BOCES_logo
skola-AdobeStock_66151053

Watch the video

Public school cooperative Erie 1 BOCES was looking for a solution to authenticate mobile devices of students and faculty for Wi-Fi access. PrimeKey EJBCA, with its integration with Microsoft Intune, was the scalable, cost-efficient, and easy-to-use solution they were looking for.

Erie 1 BOCES is a New York state board of cooperative educational services that delivers state-of-the-art technology and support to more than 100 school districts across 7 counties. It was established as a way for local school districts to collaborate on services and to reduce their individual expenses. As such, scaleable, cost-effective, and centrally-managed solutions are highly preferred.

When Steven Duckworth, Chief Microcomputer Technical Support Specialist at Erie 1 BOCES, was looking for a solution to authenticate district-owned devices of their students and faculty for Wi-Fi access, he knew it would need to be scaleable, cost-effective, and easy-to-use.

Securely enabling a modern cloud architecture

Duckworth and his colleagues have been transforming Erie 1 BOCES for years to a modern approach to managed IT services. Erie 1 BOCES and its districts leverages cloud services, such as Microsoft Azure Active Directory and Microsoft Office 365, so it made sense to turn to Microsoft Intune for its corporate device management.

According to Duckworth, due to the COVID-19 pandemic, districts started to inquire about remote management of Windows devices and Microsoft Intune for remote instruction. Microsoft Intune would enable the IT staff of Erie 1 BOCES and districts to enroll their laptops to push apps, policy and certificates to those devices in order to authenticate them against their Wi-Fi network. However, Duckworth also required a third-party solution to manage the PKI and certificate process.

“It was important to authenticate devices in a secure manner, which required a public-facing certificate management solution since the devices were bound to Azure AD,” said Duckworth.

EJBCA – scaleable, cost-effective and easy-to-use

During the RFP process, Erie 1 BOCES rejected other vendors that were charging per certificate. The costs were adding up.

“I started doing the math…if each device required a certificate across dozens of districts, the costs would be astronomical: more than $250,000 per year,” remarked Duckworth.

PrimeKey stood out with its flexible approach to enterprise PKI and certificate management. Its cloud-based deployment would enable remote management of multiple school districts in different locations, at a fraction of the cost. 

“EJBCA is scaleable, cost-effective, and easy-to-use, which enables our organization to remotely enroll and authenticate Microsoft Intune-managed devices for students and faculty across many school districts and counties,” said Duckworth.

Deployment was a breeze. Erie 1 BOCES integrated PrimeKey with Microsoft Intune in about two weeks and has issued certificates to thousands of devices. Now there are plans to extend this deployment to thousands of other devices as well.

Duckworth concluded, “There was the potential that integrating a full-lifecycle certificate management solution would be a heavy lift, especially from the technical side, but it was definitely not an issue – PrimeKey made it easy, every step of the way.”

Steven Duckworth, Chief Microcomputer Technical Support Specialist for Erie 1 BOCES

”EJBCA is scalable, cost-effective, and easy-to-use, which enables our organization to remotely enroll and authenticate Microsoft Intune-managed devices for students and faculty across many school districts and counties.”

scep-certificate-vendor-integration

Benefits

PrimeKey EJBCA:

  • Powerful, flexible, and easy-to-use. A full-lifecycle solution.
  • Issue, manage, and revoke certificates with Certificate Authorities (CA), Registration Authorities (RA) and Validation Authorities (VA).
  • Cloud-based deployment enables remote management and scaleable licensing.

Microsoft Intune integration:

  • 3rd party PKI and certificate management.
  • Remotely enroll and authenticate Microsoft Intune managed mobile devices .
  • Native support for Azure Key Vault 

Download PDF

 

Watch this video

– and see how EJBCA made security simple for Erie 1 BOCES

Products used for this customer

Learn more about the products that helped this customer to a successful solution: 

EJBCA® Enterprise

Complete public key infrastructure (PKI) and certificate management

Explore EJBCA Enterprise

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all