Alex Yakubov

2FA – not just for employees

Protecting your organization from a potential data breach starts with providing secure two-factor authentication (2FA) for all employees. Once employees are protected, you need to think about  vendors and third parties that have access to your network, customer files, and other sensitive data. Do they have the appropriate protections put in place?

According to a recent Google study, 3.3 billion user credentials were exposed by third-party breaches from March 2016 to March 2017. For example, Target was the victim of a big data breach in 2013 that started when their HVAC vendor’s credentials were compromised. Breaches through third-parties can be greatly reduced or completely avoided by mandating use of 2FA in order to access your systems.

The use of 2FA is one of the most powerful and well established techniques for strengthening credentials. It’s been around since the 1970s with the introduction of smart card technology —  although, deploying and managing 2FA with smart cards has historically been cumbersome. Since then, smart card 2FA has advanced with new, easy-to-use technologies such as the YubiKey and Versasec.

Ecosystem Showcase: Versasec

Together, these technologies allow organizations to quickly increase security. Not only can enterprises mandate 2FA for employees and third parties, but they can also manage each user’s level of access and revoke it as needed by utilizing Versasec’s secure identity & access management solution. Versasec eases the deployment of 2FA with smart cards for organizations of any size by enabling admins to issue and manage user credentials. Users are then able to easily and securely authenticate to enterprise systems from across the cloud to SasS and on-premise applications..

With Versasec’s vSEC:CMS, enterprises can provision a YubiKey for each user, letting them quickly authenticate for login, secure email, or code signing and more with a simple touch using their YubiKey as a PIV-compatible smart card and reader. vSEC:CMS also allows the user to securely unblock their pin or load new certificates on their YubiKeys. Administrators can manage, revoke or renew all registered YubiKeys using the vSEC:CMS. The ability to centrally manage user identity and access to critical data across all the different services with Versasec, is a huge win for organizations and admins.

Whether an organization has 20 or 200,000 employees, the YubiKey offers fast and simple deployment. We provide a hosted validation service, open source software and servers. Partners can easily work within the multiple security protocols supported by YubiKeys: OpenPGP, PIV, FIDO U2F, and more.

Special Offer for Yubico Customers: Start a free product trial
at https://versasec.com/registration.php.

Yubico is proud to highlight Versasec as part of an ongoing YubiKey ecosystem awareness program. Visit our Featured Solutions page to learn more about all the products and services that support the YubiKey.

Comments are closed.