Author: David Treece
-
In passwordless authentication, who is holding the keys? Strong authentication practices are based on validating a number of authentication factors to a relying party (RP) or identity provider (IDP) to prove you are who the RP expects. Examples of relying parties could be Dropbox or Salesforce. Identity providers, who can also be a relying party that interacts with the authenticator, include Microsoft Entra […] Read more 2FA authentication FIDO2 MFA passwordless -
Mitigation and incident response plans to help prevent ransomware attacks We’ve all grown accustomed to a flood of ransomware attack news almost every week, with no end in sight. The recent arrest of two Ukrainian ransomware attackers demonstrates that the White House is serious about going on the offensive against ransomware distributors. But often enforcement could end up being a game of whack-a-mole — hit […] Read more authentication FIDO MFA ransomware security key -
Zero Trust is the new regulatory minimum for Federal agencies: what does that mean for authentication? The deadline is looming for federal agencies to implement impersonation-resistant multi-factor authentication (MFA), just one of the new stronger security requirements under President Biden’s new cybersecurity executive order (EO 14028). The EO puts security front and center to address some of the worst cyber attacks against the federal government, setting up new federal compliance expectations […] Read more government MFA zero trust -
Seven tips if you’re still scratching your head after reading Biden’s cybersecurity executive order Yubico works with a lot of federal agencies and contractors, as well as with customers in regulated industries, so we understand the challenges new compliance regulations can bring. The executive order that was released May 12 can be seen as the federal government fully embracing the move toward multi-factor authentication (MFA) for use cases where […] Read more government PIV Public Sector YubiKey FIPS Series -
Quick Take: Executive Order on Improving the Nation’s Cybersecurity With the recent number of attacks that have had significant impact on critical systems, a new executive order on improving the nation’s cybersecurity has been released, covering many key areas that need to be addressed to protect critical digital infrastructure. This is one of the most detailed U.S. executive orders on cybersecurity and we welcome […] Read more multifactor authentication phishing zero trust -
Yubico Simplifies Smart Card Deployment in the Enterprise In the enterprise, smart cards simplify login to computers, VPNs, and online applications. Smart cards are also used for digitally signing emails and documents. While smart cards are known for delivering strong authentication, they are not simple to deploy. For example, to use a smart card in an enterprise setting, an admin must install client […] Read more enterprise security smart card