2FA – not just for employees, but vendors as well

Versasec ecosystem showcase

Protecting your organization from a potential data breach starts with providing secure two-factor authentication (2FA) for all employees. Once employees are protected, you need to think about vendors and third parties that have access to your network, customer files, and other sensitive data. Do they have the appropriate protections put in place?

According to a recent Google study, 3.3 billion user credentials were exposed by third-party breaches from March 2016 to March 2017. For example, Target was the victim of a big data breach in 2013 that started when their HVAC vendor’s credentials were compromised. Breaches through third party vendors can be greatly reduced or completely avoided by mandating use of 2FA in order to access your systems.

The use of 2FA is one of the most powerful and well established techniques for strengthening credentials. It’s been around since the 1970s with the introduction of smart card technology —  although, deploying and managing 2FA with smart cards has historically been cumbersome. Since then, smart card 2FA has advanced with new, easy-to-use technologies such as the YubiKey and Versasec.

versasec logo
Ecosystem Showcase: Versasec

Together, these technologies allow organizations to quickly increase security. Not only can enterprises mandate 2FA for employees and third party vendors, but they can also manage each user’s level of access and revoke it as needed by utilizing Versasec’s secure identity & access management solution. Versasec eases the deployment of 2FA with smart cards for organizations of any size by enabling admins to issue and manage user credentials. Users are then able to easily and securely authenticate to enterprise systems from across the cloud to SasS and on-premise applications..

With Versasec’s vSEC:CMS, enterprises can provision a YubiKey for each user, letting them quickly authenticate for login, secure email, or code signing and more with a simple touch using their YubiKey as a PIV-compatible smart card and reader. vSEC:CMS also allows the user to securely unblock their pin or load new certificates on their YubiKeys. Administrators can manage, revoke or renew all registered YubiKeys using the vSEC:CMS. The ability to centrally manage user identity and access to critical data across all the different services with Versasec, is a huge win for organizations and admins.

Whether an organization has 20 or 200,000 employees, the YubiKey offers fast and simple deployment. We provide a hosted validation service, open source software and servers. Partners can easily work within the multiple security protocols supported by YubiKeys: OpenPGP, PIV, FIDO U2F, and more.

Yubico is proud to highlight Versasec as part of an ongoing YubiKey ecosystem awareness program. 

Talk to our teamTalk to our team

Share this article:


  • Q&A with Yubico’s CEO: Our move to the main Nasdaq market in StockholmAs 2024 draws to a close, it’s the perfect time to reflect on the incredible journey we’ve had this year and how it has shaped where we stand today as a company. To mark this moment, I sat down with our CEO, Mattias Danielsson, to look back on the milestones and achievements of 2024—culminating in […]Read moreCEOMattias Danielsson
  • Exploring DORA: A look at the next major EU mandateFinancial institutions have historically managed operational risk using capital allocation, but under EU Regulation 2022/2554 – also known as the Digital Operational Resilience Act (DORA) – the financial sector and associated entities in the European Economic Area (EEA) must also soon follow new rules. These new rules focus on the protection, detection, containment, and the […]Read moreDORAEU
  • Securing critical infrastructure from modern cyber threats with phishing-resistant authenticationAcross the globe, 2024 has seen a whirlwind of change. With ongoing wars, recent political change-ups and more, growth in data breaches targeting critical infrastructure continue to be on the rise. Critical infrastructure is integral to our everyday life – from the energy and natural resources powering our hospitals and providing clean drinking water, telco […]Read moreCISAcritical infrastructurezero trust
  • surface blog crownMicrosofts Surface Pro 10 möjliggör NFC-baserad lösenordsfri inloggning med YubiKeys, för företagDra fördel av det långvariga samarbetet mellan Microsoft och Yubico genom att distribuera YubiKeys tillsammans med den nya Surface Pro 10 enheten för ditt företag. Read morenfcpasswordless