How can large enterprises secure user access without disrupting operations?
A top insurance company in Central and Eastern Europe has answered this question by deploying Secfense technology across its infrastructure. In just a few weeks, the insurer implemented strong multi-factor authentication (MFA) without changing application code, without engaging developers, and without interrupting service delivery.
This large-scale deployment confirms that organizations can meet security and compliance requirements including DORA, quickly and without technical debt.
Why did the insurer choose Secfense?
The insurer was managing millions of customers and thousands of agents. Security was critical, but so was operational stability. The organization needed a fast and compliant way to strengthen authenticationwithout development work or changes to its complex application environment.
Secfense delivered a solution that:
- Works with any MFA method, including passkeys (FIDO2), TOTP, SMS, and email.
- Requires zero code changes, no updates to application logic, and no new infrastructure.
- Adapts to user needs, supporting internal employees, external agents, and customers.
- Integrates with existing tools, like F5 load balancers and Active Directory.
Why did the insurer choose Secfense?
The insurer was managing millions of customers and thousands of agents. Security was critical, but so was operational stability. The organization needed a fast and compliant way to strengthen authentication—without development work or changes to its complex application environment.
Secfense delivered a solution that:
- Works with any MFA method, including passkeys (FIDO2), TOTP, SMS, and email.
- Requires zero code changes, no updates to application logic, and no new infrastructure.
- Adapts to user needs, supporting internal employees, external agents, and customers.
- Integrates with existing tools, like F5 load balancers and Active Directory.
At the core of the deployment is the Secfense User Access Security Broker (UASB), a lightweight layer that intercepts authentication flows without modifying applications. UASB isolates authentication traffic, allowing organizations to introduce strong authentication methods across all systems, quickly and safely. It ensures full separation of security logic from application logic, reducing operational risk and complexity.
What did the implementation look like?
The project was executed in two phases:
- Pilot Stage
The client team ran the pilot with minimal support from Secfense confirming that the platform is intuitive, even in complex environments. - Full Rollout
The rollout started with single sign-on (SSO) applications and expanded to cover several dozen systems. All changes were handled via content switching and content adaptation rules on F5 load balancers keeping the production environment untouched. No service interruptions occurred.
What results did the organization achieve?
- 8,000+ agents activated MFA within two weeks.
- Customer MFA was introduced through self-service enrollment no manual onboarding required.
- Compliance with internal security policies and DORA regulations was achieved.
- No integration with Azure AD or Okta was necessary existing identity sources were used.
The result: a fast, stable, and scalable security layer ready to support full passwordless authentication via passkeys.
What’s next?
This implementation created a flexible foundation for future expansion. The organization now plans to:
- Extend passwordless MFA to more user groups.
- Secure additional access channels (VPN, internal portals, mobile apps).
- Roll out different authentication methods based on user roles and risk levels.
Secfense technology allows these steps to happen without code changes, downtime, or vendor lock-in.
📞 Talk to a Secfense Expert
Want to learn how to secure your applications with strong MFA and passkeys—without changing your code? Contact a Secfense representative
