Author: Sebastian Elfors

Thumbnail

Everything you need to know about the revised eIDAS regulation

In June 2021, the EU Commission announced its plans for a revised eIDAS regulation. eIDAS (electronic IDentification, Authentication and trust Services) is the EU regulation 910/2014 on electronic identification and trust services in the EU. It came into force in 2014, so the revision is a major update to eIDAS. The past two years the

Thumbnail

What SolarWinds taught us about the importance of a secure code signing system

Last year’s SolarWinds attack was caused by intruders who managed to inject Sunspot malware into the software supply chain. The hackers exploited a breach in the SolarWinds code signing system, which allowed them to fraudulently distribute malicious code as legitimate updates to installations across the world. While this attack taught the industry many lessons, one

Thumbnail

Mar 23, 2021

Top 10 security regulations you need to know about in the U.S. and EU

Compliance has always been part of routine planning and development for security experts in the enterprise. But recent headline-grabbing attacks like the SolarWinds incident may have pushed compliance much higher up the priority list. It’s difficult to track the dizzying array of regulations on both sides of the pond and what they require, so we’ve

Thumbnail

Sep 30, 2020

How NIST and eIDAS revisions are shaping the future of e-identification

This blog is co-authored by John Fontana, Standards Analyst at Yubico.  On both sides of the Atlantic, standards and regulations on electronic identification are being revised more or less simultaneously. In the United States, the National Institute of Standards and Technology (NIST) accepted public comments on its SP 800-63-3 Digital Identity Guidelines last month, which is on

Thumbnail

YubiKey secures remote workers during COVID-19 as government-approved alternative to PIV and CAC cards

In the matter of just one week, Google reported that it saw more than 18 million daily malware and phishing emails related to COVID-19. That’s an astonishing number, and one that is not likely to slow down any time soon. For organizations across the globe, it is imperative to quickly, securely, and affordably fill existing