Polish Manufacturing Company (HVAC): Rublon Case Study

Last updated on September 1, 2025

A company in the ventilation and air conditioning industry secured Windows logins and VPN access using Rublon MFA

A medium-sized Polish company in the ventilation & air-conditioning (HVAC) sector protected Windows logins and remote VPN access (FortiClient) with the Rublon Multi-Factor Authentication (MFA) platform, simultaneously meeting key requirements of the NIS2 directive. The additional security layer shields the business from Account-Takeover (ATO) attacks and unauthorized access while maintaining user convenience and straightforward security management.

“A Polish HVAC manufacturer (50-200 employees) deployed Rublon MFA to secure Windows logins and remote VPN access. The project proved that Rublon MFA can be implemented quickly and painlessly. A clear admin console and flexible security policies let the IT team tailor the solution with little effort, while end-users gain a convenient yet secure way to log in. The company has significantly strengthened its cybersecurity and achieved NIS2 and the Polish National Cybersecurity System Act (KSC) compliance at no extra cost.”

Patryk Suchorowski

Head of IT Operations at Rublon

HVAC technician in blue coveralls measuring airflow on a large industrial condenser unit with six fans

Objectives

The business wanted to increase the level of security by introducing strong multi-factor authentication for employee logins to company IT systems (Windows computers and VPN).

The company wanted to protect employee access to the corporate network and data from unauthorized persons taking over accounts.

Compliance with the MFA requirements of the NIS2 Directive was also needed.

Results

Secure access to Windows endpoints and corporate VPN with user-friendly multi-factor authentication.

There have been no recorded successful cyberattack attempts following the implementation of the Rublon MFA platform.

The deployment ran smoothly; maintaining the solution is simple and does not generate high costs.

Customer

Industry:
Industrial manufacturing

Number of employees:
50–200

Location:
Poland

The Challenge

Strong Access Security

The company wanted to make sure that only authorized employees had access to sensitive data and systems. With the growing number of Account Takeover (ATO) attempts, one of today’s most popular attack vectors, there was a need to implement additional security that would lower the risk level while remaining simple to implement.

Convenience for Users and Administrators

The company wanted to complete the project as quickly as possible to provide immediate protection to its employees. The company also took the budget into account and therefore looked for a solution that would meet all security requirements, while being cost-effective, easy to use for administrators, and convenient for users. It was crucial that the new authentication method not hinder daily work. The key requirements were the intuitiveness of the solution and no additional burden for users.

Compliance With the NIS2 Directive

An additional challenge was the need to ensure regulatory compliance with the NIS2 Directive and its Polish transposition in the form of the National Cybersecurity System Act. As an Important Entity, the company had to comply with the NIS2 directive requirements for implementing multi-factor authentication.

The Solution

A medium-sized ventilation & air conditioning company has implemented Rublon MFA.

The company chose Rublon’s solution because it met all the established criteria. The IT team was particularly impressed by its compliance with the MFA requirements of the NIS2 directive, as well as the option to protect access to both Windows and VPN.

Integration With Windows and VPN

Rublon MFA has been integrated with the company’s Windows environment using the native Rublon for Windows connector and with the enterprise-class VPN using the Rublon Authentication Proxy. This made it possible to add an extra authentication step for users. When logging in to a computer or VPN, employees are asked to confirm their identity with an additional authentication factor other than a password. This could be, for example, the Mobile Push method available in the Rublon Authenticator app installed on their smartphone. Rublon MFA’s authentication methods are fast and convenient, while providing a high level of security – they do not slow down the user’s work and offer additional protection against unauthorized access.

Simple Administration and Low Maintenance Costs

Management of Rublon MFA across the organization is accomplished from the browser-based Rublon Admin Console, reducing the IT department’s workload to a minimum. Ready-made connectors for popular applications and systems translate into lower operating costs and rapid scaling of protection to additional users or applications.

Meeting the MFA Requirements of NIS2

The implementation of Rublon MFA allowed the company to meet the requirements for multi-factor authentication (MFA) under Article 21(2)(j) of Directive (EU) 2022/2555 (NIS2) and Article 8 of the draft amendment to the Polish National Cyber Security System Act, which transposes NIS2 into Polish law. Enforcing MFA for Windows computer logins and VPN connections (FortiClient) provides strong access control and protects data confidentiality and integrity.

The Benefits of Implementing Rublon MFA

No delays	Push authentication does not delay employee logins, keeping the business running smoothly even during peak hours.
Protecting access to the corporate network	MFA is enforced for every VPN login, making it much more difficult for a potential attacker to break into the corporate network.
Flexible access policies	Access policies allow for flexible customization of the login experience and control of employee access with the ability to seamlessly change settings whenever necessary.
Positive user experience	Employees are happy with Rublon MFA; they can approve logins with a single tap on the mobile app, which provides quick and convenient access to systems, eliminating the need for complicated authentication procedures.
Readiness for future scalability	The high scalability of Rublon MFA makes it possible to deploy multi-factor authentication for other applications and services, and to seamlessly add more users and groups whenever the company decides to do so in the future.

The Outcome

A Polish manufacturer in the ventilation and air conditioning industry (50-200 employees) decided to implement multi-factor authentication for employee logins to Windows endpoints and connections to the company’s VPN. This decision stemmed from the overall strategy to increase the organization’s security level and the need to ensure compliance with the NIS2 directive. It was necessary to implement MFA while maintaining a high level of user convenience and flexibility. The Rublon MFA platform proved to be a solution that perfectly aligned with these objectives. Rublon’s solution increases access security without introducing unnecessary difficulties in everyday work.

After implementing Rublon’s multi-factor authentication, the company immediately improved its cybersecurity and regulatory compliance. Most importantly, this was achieved without negatively impacting employee login experience and with minimal additional effort from administrators. The Rublon MFA platform implementation process was smooth and efficient, ensuring the company’s long-term infrastructure and user protection.