How Can Large Enterprises Secure Access Without Disruption?

A leading insurance company in Central and Eastern Europe, serving over 5 million customers and managing 8,000+ agents, has answered this question by deploying Secfense technology across its infrastructure.

In just a few weeks, the organization implemented strong multi-factor authentication (MFA) — without changing application code, without engaging developers, and without interrupting service delivery.

This large-scale rollout demonstrates that even highly regulated enterprises can meet modern security and compliance standards, including the EU Digital Operational Resilience Act (DORA), quickly and without technical debt.

(ENISA: Understanding the DORA Regulation)

Why the Insurer Chose Secfense

The company serves around 5 millions of customers and manages around 8000 thousands of agents. Security was critical — but so was operational continuity. The goal: deploy phishing-resistant authentication, strengthen access security, and achieve regulatory compliance without rewriting applications or rearchitecting the environment.

Secfense delivered exactly that:

• Works with any MFA method, including FIDO2 passkeys, TOTP, SMS, or email

• Requires zero code changes and no new infrastructure

• Adapts to diverse user types — employees, agents, and customers

• Integrates seamlessly with existing systems like Active Directory and load balancers

• Supports fast onboarding with self-service enrollment

At the center of this deployment is the Secfense User Access Security Broker (UASB) — a lightweight overlay that intercepts and secures authentication flows without modifying applications.

By isolating authentication logic from application logic, UASB allows organizations to introduce strong, phishing-resistant MFA across all systems — safely and consistently.

(Learn more about Secfense UASB)

What the Implementation Looked Like

The deployment followed two structured phases:

1. Pilot Stage
The client team ran an independent pilot, validating the Secfense platform’s ease of deployment and its compatibility with the insurer’s existing systems.

2. Full Rollout
After pilot success, the rollout began with core SSO applications and expanded to dozens of systems. All traffic changes were handled via secure routing and content rules at the network layer — keeping production untouched and ensuring zero downtime.

Results

• 8,000+ agents activated MFA in just two weeks

• MFA made available to over 5 million customers through self-service enrollment

• Full compliance with internal security and DORA requirements

• No integration with Azure AD or Okta needed — existing identity sources used

• Ready for passkey adoption — infrastructure now supports FIDO2 passwordless authentication

This project proved that complex enterprise environments can achieve phishing-resistant authentication at scale, with minimal effort and full auditability.

(FIDO Alliance – How Passkeys Strengthen MFA Security)

What’s Next

Following the success of this rollout, the insurer now plans to:

• Extend passwordless MFA to new user groups

• Secure additional access channels (VPN, internal portals, mobile apps)

• Implement adaptive authentication policies based on user roles and risk levels

With Secfense, these next steps require no code changes, no vendor lock-in, and no service interruption.

(Explore how Secfense helps enterprises adopt passkeys securely)

Final Thought

This case demonstrates a new model for enterprise authentication — one that’s compliant, scalable, and future-ready.

Secfense empowers organizations to deploy phishing-resistant MFA and passkeys across all applications, without rewriting code or disrupting operations — helping enterprises stay ahead of both cyber threats and regulatory requirements.

👉 Schedule a call with our team to learn how Secfense can help your organization strengthen authentication and prepare for passwordless security — all without changing your code.