• Contact Sales
  • Resellers
  • Support
Yubico Header Text LogoYubico Header Text Logo
Why Yubicoexpand_more
Why Yubico
  • Enterprises
  • SMBs
  • Individuals
  • Developers
  • Careers
  • Partner programs
  • Affiliate program
  • Contact Sales
  • Events
  • Press room
  • Yubico Blog
  • Yubico Executive Connect
  • About us
  • The team
  • Investors
  • Innovation history
  • Secure it Forward
Man holding YubiKey
Easy-to-use, secure authentication

With YubiKey there’s no tradeoff between great security and usability

Why YubiKey
  • financial services
  • security
Google headquarters
Proven at scale at Google

Google defends against account takeovers and reduces IT costs

Google Case Study
  • financial services
  • security
Hand holding YubiKey behind Apple iPhone
Protecting vulnerable organizations

Secure it Forward: One YubiKey donated for every 20 sold

Learn about Secure it Forward
  • financial services
  • security
Productsexpand_more
All products
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • YubiEnterprise Subscription
  • YubiEnterprise Delivery
  • Yubico Authenticator
  • Computer login tools
  • Software Development Toolkits
  • YubiCloud
  • Using YubiKey is easy
  • Find the right YubiKey
  • Works with YubiKey
  • Compare YubiKeys
Woman holding YubiKey 5ci
One key for hundreds of apps and services

YubiKey works out-of-the-box and has no client software or battery

Yubico protects you
  • financial services
  • security
See YubiKeys as a Service
YubiEnterprise Subscription delivers scale and savings

Gain a future-proofed solution and faster MFA rollouts

See YubiKeys as a Service
  • financial services
  • security
Solutionsexpand_more
Solutions overview
  • Zero Trust
  • Executive Order OMB M-22-09
  • Phishing-resistant MFA
  • Passwordless
  • Compliance
  • Cyber Insurance
  • Critical infrastructure
  • Secure supply chain
  • Protect call centers
  • Hybrid & remote workers
  • Secure privileged users
  • Mobile restricted environments
  • Shared workstations
  • Microsoft ecosystem
  • Salesforce workspace
  • IAM solutions
  • AWS environment
  • HYPR experience
  • Okta identity solutions
Hand holding YubiKey behind Apple iPhone
The Bridge to Passwordless

Begin the journey to make your organization passwordless

Get the white paper
  • financial services
  • security
Lock on a laptop
Accelerate your Zero Trust Strategy

7 best strong authentication practices to jumpstart your Zero Trust program

Get the white paper
  • financial services
  • security
Government building
Federal cybersecurity requirements

See guidance for CIOs and leaders to prepare for the modern cyber threat era

Get the white paper
  • financial services
  • security
Industriesexpand_more
Industries overview
  • High tech
  • Federal government
  • Federal systems integrators
  • State & local government
  • Education
  • Financial services
  • Elections & campaigns
  • Retail & hospitality
  • Telecommunications
  • Healthcare
  • Pharmaceuticals
  • Cryptocurrency
  • Energy & natural resources
  • Manufacturing
man working a manufacturing line
Manufacturing and supply chain security

Authentication best practices for manufacturing using highest-assurance security

Get the white paper
  • financial services
  • security
Person looking at a computer with a government building showing
Phishing-resistant MFA: Fact vs. Fiction

Meet requirements for phishing-resistant MFA in OMB M-22-09 guidelines

Get the white paper
  • financial services
  • security
Remote workers at a wind farm
Secure energy and natural resources from cyber threats

Best practices for phishing-resistant MFA to safeguard your critical infrastructure

Get the white paper
  • financial services
  • security
Resourcesexpand_more
All resources
  • Yubico Blog
  • Cybersecurity glossary
  • Authentication standards
  • Resource library
  • Developer program
  • Product briefs
  • Solution briefs
  • Case studies
  • Get a pilot started
  • White papers and reports
  • Webinars
Laptop with a YubiKey inserted
BeyondTrust: secured with a subscription

A leader in Privileged Access Management simplifies YubiKey deployment

How they optimized ROI
  • financial services
  • security
S&P Global Market Intelligence report: old habits die hard

Only 46% of respondents protect their applications with MFA. How about you?

Read the report
  • financial services
  • security
Considering Passkeys for your Enterprise?

Learn how to avoid the common pitfalls of synced passkeys

Get the Ebook
  • financial services
  • security
Supportexpand_more
Support home
  • Find the right YubiKey
  • Set up your YubiKey
  • Downloads
  • Product documentation
  • Support articles
  • Support Services
  • Professional Services
  • YubiEnterprise Subscription
  • Works with YubiKey Program
  • Buying and shipping information
  • Security advisories
  • Help center
YubiKeys in lots of form factors
How to set up your YubiKey

Follow our guided tutorials to start protecting your favorite services

Set up your YubiKey
  • financial services
  • security
YubiKey on a keychain plugged into a laptop
Find the best YubiKey for your needs

Take the guided quiz and see which YubiKey best fits your or your businesses needs

Take the quiz
  • financial services
  • security
Worker with a calculator and laptop with a spreadsheet
Accelerate your YubiKey deployment

Technical and operational guidance for your YubiKey implementation and rollout

Professional Services
  • financial services
  • security
SubscribeStore
  • Home » Blog » Hybrid work driven by Covid-19 prompts a shift in financial services security priorities

    Hybrid work driven by Covid-19 prompts a shift in financial services security priorities

    Karin Muskopf

    Karin Muskopf

    August 26, 2021
    4 minute read
    Share on FacebookShare on XShare on LinkedInShare via Email

    All industries are dealing with the thorny issue of who comes back to work during the pandemic and who doesn’t, and the return-to-work plans will diverge depending on each enterprise’s needs and culture.

    But banks, financial institutions, and many other players in the financial services industry are paying close attention to the security perils of an increasingly remote or hybrid workforce.

    In a discussion with two Yubico experts who live and breathe finserv daily, we find out there are a number of top priorities that banks are juggling all at once: reassuring customers that their finances are secure, dealing with employees who may be new to remote work security protocols, and designing secure authentication flows that may not allow mobile phones to be involved. Jim Sandford, Enterprise Account Director and Rob Hemeryck, Regional VP of Financial Services, give us the scoop. 

    Q: How have you seen finserv weather the massive pandemic shift to remote work? And how are the banks doing now that many, like tellers, are coming back to the physical branches?

    Jim: What I hear from many CISOs is that, despite the initial shock of thousands of staff shifting to remote work, they found most employees were equally, if not more productive at home. So the move back to the office is being done slowly and with more thought. They are still evaluating who really needs to return.

    From a financial services security standpoint, of course, having everyone in one building is better because you can control the risks and put in physical and network protocols. But there’s no doubt that a large number of workers will be outside the building moving forward, so multi-factor authentication (MFA) is becoming a top priority if it wasn’t already. 

    The second trend is about customer retention. Banks are trying to find new ways to provide value to customers concerned about security, like millennials who are used to doing everything on their phones. All customer bases highly value convenience, so security measures have to be as seamless as possible. 

    I work with organizations across the financial services sector, including many large traditional financial institutions. Many of these companies are looking to provide continuous benefits to their customers and are doing so with YubiKeys, not just for their employees, but also to provide to their end users. This means they’re not only getting protection against phishing attacks for their own organizations but giving their customers the same level of security to protect their own accounts. This results in a more positive perception in the marketplace as they keep pace with the innovation of the smaller, more agile financial institutions.  

    Q: What are the unique financial services security challenges versus other industries?

    Rob: There are many high-security areas of a financial institution where mobile phones might not be allowed because they’re considered data exfiltration devices. So an authentication process implemented for remote employees  — say, authentication using a phone — would not be the best solution for on-site employees or customers going through a high-security process like a loan application or another sensitive workflow. 

    When customers are involved, you have to be careful to avoid implementing processes that impose a lot of inconvenience, creating potential backlash.

    Q: What’s the best way for the enterprise to communicate their renewed focus on financial services security with customers or stakeholders?

    Jim: Banks want to directly address the issues their customers are worried about in the news. Now that we’ve heard so much about high-profile breaches — from large retailers to a host of banks — there’s a danger of data breach fatigue. Meaning that you get used to the idea of a series of breaches and decide to do nothing about it until the next one happens to you. Utilizing modern authentication can position the company and brand identity with greater security. 

    Q: How far down the road to passwordless do you think finserv has traveled so far?

    Rob: We’re seeing a lot more internal deployments rather than external, consumer-facing systems for now. For consumers you have such a broad range of technical skills, and it requires more effort on education. Those deployments will come in time, because there’s a lot of momentum for large entities to get to passwordless for their users.

    The industry recognizes that there are still vulnerabilities in weaker MFA systems, so many CISOs are looking for the “next step” up. 

    Read Yubico’s white paper, “Strong authentication for hybrid and remote work in financial services” to learn more about security challenges related to long term hybrid and remote work and contact us to discuss how Yubico can work to secure your institution and customers. 

    Share this article:

    Share on FacebookShare on XShare on LinkedInShare via Email

    Recommended Posts

    • Coming soon: ‘Bring Your Own Key’ capability in YubiHSM 2 will bring the most flexible and highest assurance solution for data security and portability for multi-cloud environments

      Creating a robust data encryption strategy in a multi-cloud environment can be challenging. Considerations like availability, fail-over, control, cost and compliance are crucial. For organizations that are encrypting data on-premises and considering moving data to the cloud, a typical approach is to use an on-premises Hardware Security Module (HSM) or a cloud-based HSM. However, acquiring […]

      Read more
      • BYOK
      • YubiHSM 2
    • Resolve to be cyber resilient: Moving on from legacy MFA in energy and natural resources

      Every November, Critical Infrastructure Security and Resilience (CISR) Month focuses on educating the vital role critical infrastructure plays in the nation’s well being. Led by Cybersecurity and Infrastructure Security Agency (CISA), the conversation centers around why it’s important to strengthen critical infrastructure security and resilience.  One of the critical infrastructures, energy and natural resources, is […]

      Read more
      • CISA
      • energy and natural resources
      • PIV
      • smart card
    • Transcending passwordless authentication with HYPR and Yubico

      In today’s ever-evolving cyberthreat landscape, organizations face increasing challenges in securing their sensitive data and systems from sophisticated attacks like AI-strengthened phishing campaigns or impersonation attacks backed by spates of leaked PII . Even in today’s environments where new, ever larger, breaches make news every week, we’re continuing to see enterprises and employees across the […]

      Read more
      • HYPR
      • partner
      • passwordless
      • survey
    • Phishing-resistant MFA helps businesses reduce risk and costs in the face of a rapidly changing cyber insurance landscape

      To address and insulate themselves from the growing trend of cyber security breaches, more businesses are turning to insurance agencies for cyber insurance policies. While these policies have been around in some form since the late 1990s, the fast growing threat landscape and comparative youth of these policies means that rates and limits have fluctuated […]

      Read more
      • case study
      • cyber insurance
      • partner
Yubico Text LogoYubico Text Logo
  • RSS
  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • GitHub
  • Product finder quiz
  • Find set-up guides
  • Buy online
  • Contact sales
  • Get Yubico updates
  • Careers
  • Events
  • Press room
  • About us
  • Investors
  • Partner programs
  • Affiliate program
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • Yubico Authenticator
  • Zero Trust
  • Phishing-resistant MFA
  • Passwordless
  • Cyber insurance
  • More solutions
  • Industries overview
  • Yubico blog
  • Resource library
  • Cybersecurity glossary
  • Authentication standards
  • Developer program
  • Works with YubiKey
  • Help center
  • Downloads
  • Product documentation
  • Support Services
  • Professional Services
  • Contact support
Yubico © 2023 All Rights Reserved.
  • Sitemap
  • Cookies
  • Legal
  • Privacy
  • Patents
  • Terms of use
  • Trust