• Contact Sales
  • Resellers
  • Support
Yubico Header Text LogoYubico Header Text Logo
Why Yubicoexpand_more
Why Yubico
  • Enterprises
  • SMBs
  • Individuals
  • Developers
  • Careers
  • Partner programs
  • Affiliate program
  • Contact Sales
  • Events
  • Press room
  • Yubico Blog
  • Yubico Executive Connect
  • About us
  • The team
  • Investors
  • Innovation history
  • Secure it Forward
Man holding YubiKey
Easy-to-use, secure authentication

With YubiKey there’s no tradeoff between great security and usability

Why YubiKey
  • passwordless
  • professional services
Google headquarters
Proven at scale at Google

Google defends against account takeovers and reduces IT costs

Google Case Study
  • passwordless
  • professional services
Hand holding YubiKey behind Apple iPhone
Protecting vulnerable organizations

Secure it Forward: One YubiKey donated for every 20 sold

Learn about Secure it Forward
  • passwordless
  • professional services
Productsexpand_more
All products
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • YubiEnterprise Subscription
  • YubiEnterprise Delivery
  • Yubico Authenticator
  • Computer login tools
  • Software Development Toolkits
  • YubiCloud
  • Using YubiKey is easy
  • Find the right YubiKey
  • Works with YubiKey
  • Compare YubiKeys
Woman holding YubiKey 5ci
One key for hundreds of apps and services

YubiKey works out-of-the-box and has no client software or battery

Yubico protects you
  • passwordless
  • professional services
See YubiKeys as a Service
YubiEnterprise Subscription delivers scale and savings

Gain a future-proofed solution and faster MFA rollouts

See YubiKeys as a Service
  • passwordless
  • professional services
Solutionsexpand_more
Solutions overview
  • Zero Trust
  • Executive Order OMB M-22-09
  • Phishing-resistant MFA
  • Passwordless
  • Compliance
  • Cyber Insurance
  • Critical infrastructure
  • Secure supply chain
  • Protect call centers
  • Hybrid & remote workers
  • Secure privileged users
  • Mobile restricted environments
  • Shared workstations
  • Microsoft ecosystem
  • Salesforce workspace
  • IAM solutions
  • AWS environment
  • HYPR experience
  • Okta identity solutions
Hand holding YubiKey behind Apple iPhone
The Bridge to Passwordless

Begin the journey to make your organization passwordless

Get the white paper
  • passwordless
  • professional services
Lock on a laptop
Accelerate your Zero Trust Strategy

7 best strong authentication practices to jumpstart your Zero Trust program

Get the white paper
  • passwordless
  • professional services
Government building
Federal cybersecurity requirements

See guidance for CIOs and leaders to prepare for the modern cyber threat era

Get the white paper
  • passwordless
  • professional services
Industriesexpand_more
Industries overview
  • High tech
  • Federal government
  • Federal systems integrators
  • State & local government
  • Education
  • Financial services
  • Elections & campaigns
  • Retail & hospitality
  • Telecommunications
  • Healthcare
  • Pharmaceuticals
  • Cryptocurrency
  • Energy & natural resources
  • Manufacturing
man working a manufacturing line
Manufacturing and supply chain security

Authentication best practices for manufacturing using highest-assurance security

Get the white paper
  • passwordless
  • professional services
Person looking at a computer with a government building showing
Phishing-resistant MFA: Fact vs. Fiction

Meet requirements for phishing-resistant MFA in OMB M-22-09 guidelines

Get the white paper
  • passwordless
  • professional services
Remote workers at a wind farm
Secure energy and natural resources from cyber threats

Best practices for phishing-resistant MFA to safeguard your critical infrastructure

Get the white paper
  • passwordless
  • professional services
Resourcesexpand_more
All resources
  • Yubico Blog
  • Cybersecurity glossary
  • Authentication standards
  • Resource library
  • Developer program
  • Product briefs
  • Solution briefs
  • Case studies
  • Get a pilot started
  • White papers and reports
  • Webinars
Laptop with a YubiKey inserted
BeyondTrust: secured with a subscription

A leader in Privileged Access Management simplifies YubiKey deployment

How they optimized ROI
  • passwordless
  • professional services
S&P Global Market Intelligence report: old habits die hard

Only 46% of respondents protect their applications with MFA. How about you?

Read the report
  • passwordless
  • professional services
Considering Passkeys for your Enterprise?

Learn how to avoid the common pitfalls of synced passkeys

Get the Ebook
  • passwordless
  • professional services
Supportexpand_more
Support home
  • Find the right YubiKey
  • Set up your YubiKey
  • Downloads
  • Product documentation
  • Support articles
  • Support Services
  • Professional Services
  • YubiEnterprise Subscription
  • Works with YubiKey Program
  • Buying and shipping information
  • Security advisories
  • Help center
YubiKeys in lots of form factors
How to set up your YubiKey

Follow our guided tutorials to start protecting your favorite services

Set up your YubiKey
  • passwordless
  • professional services
YubiKey on a keychain plugged into a laptop
Find the best YubiKey for your needs

Take the guided quiz and see which YubiKey best fits your or your businesses needs

Take the quiz
  • passwordless
  • professional services
Worker with a calculator and laptop with a spreadsheet
Accelerate your YubiKey deployment

Technical and operational guidance for your YubiKey implementation and rollout

Professional Services
  • passwordless
  • professional services
SubscribeStore
  • Home » Blog » Is your organization ready to go passwordless? Here is a list of questions to check your readiness and avoid the potholes later

    Is your organization ready to go passwordless? Here is a list of questions to check your readiness and avoid the potholes later

    Jeff Olives

    Jeff Olives

    May 5, 2021
    5 minute read
    Share on FacebookShare on XShare on LinkedInShare via Email

    We’ve said it before, but it bears repeating: the road to passwordless is a journey, not an overnight transition. At first, it begins with a basic understanding of what passwordless authentication is (and isn’t), but then it becomes time to take action and head further down the road. Still, the question for every enterprise IT manager remains…where to start? 

    Like every successful trip, you start with a map, a plan, and steps you can take to execute on that plan. The first thing to remember is that your company’s path won’t look like the next company’s path, but there are several rules of thumb that will help you plot out that path. All you need is the right contextual information before you map, plan, and execute. There are many roads to passwordless, and the good news is wherever you are is the perfect place to start.

    In that spirit, we’ve put together seven steps you can take once you’ve decided to go passwordless, along with corresponding questions to assess your readiness and determine the solutions that are best suited to meet your needs:

    Consider users and their use cases

    • What are your users’ needs, behaviors, and risk profiles?
    • Do they use mobile phones, desktop devices, shared workstations, or a combination of the three? 

    Key Takeaway: Different users may require different levels of security within the organization, and device types may dictate which passwordless authentication methods will deliver optimal user experience. 

    Achieve cross-functional alignment

    • Have you included all appropriate departments within your organization in planning meetings for your passwordless journey?
    • For example, has HR been invited to the table with IT to gain consensus on training practices? 

    Key Takeaway: Consider the needs of all departments when designing your passwordless workflow — there may be varying levels of input or perspective that dictate which passwordless authentication solution is best for your organization. 

    Assess existing technical environment, investments, and resources

    • Do you work with a current Identity Access Management (IAM) system?
    • Is that IAM solution on-premise or in the cloud?
    • How complex is your software supply chain?
    • Do you have all of the appropriate technical resources to implement and integrate a passwordless solution?

    Key Takeaway: If you have a mostly on-premise solution, you may want to consider smart cards as a first step toward passwordless. If you live in the cloud, you may be ready for FIDO2 and WebAuthn-compliant hardware security keys. Of course, multi-protocol security keys, like the YubiKey, can support both of these needs simultaneously, and meet you where you are if you have a mixed infrastructure. 

    Prepare for distribution models and requirements

    • Where are most of your users located? Are they remote or in offices? 
    • How will your users receive any authentication hardware they might need for access?
    • Do you plan to handle distribution of this hardware in-house or outsource the delivery and activation process?

    Key Takeaway: The location of your workforce — with employees working from offices and/or from home — will affect most aspects of your passwordless deployment. Security key distribution and registration for remote workers in particular is often different than for office workers, and should be considered early in your project. 

    Plan sufficient training and support

    • How will you train and support users once you decide to go down the road to passwordless? 
    • Do you have a communication plan with accessible assets that will help support users? 

    Key Takeaway: Get an early start with HR or other stakeholders to produce clear communication tools, then put them in front of employees way before deployment to prepare them for what’s coming. 

    Measure your success

    • How will you measure the progress and success of your passwordless deployment?
    • What specific metrics make sense for your organization?

    Key Takeaway: Metrics will vary by organization, but some of the most common ones are bottom-line metrics that save money and time. For example: help desk hours saved, initial and follow-up on-boarding resources saved, or equipment savings. 

    Consider additional technical services

    • Would industry expertise augment and accelerate your journey?

    Key Takeaway: Once you’ve assessed the expertise your current staff has, consider getting outside consulting help from vendors who have guided other enterprises through a passwordless journey. Your timeline length may determine how much extra budget you want to put into getting technical services. If you do not have a set deadline for deployment, you can move slower, but if implementation is driven by a compliance or (knock-on-wood) a breach of some kind, technical services can accelerate the passwordless journey. 

    There are many passwordless solutions available on the market, which can make the path to passwordless confusing, overwhelming, and stressful for many enterprise IT managers. Here at Yubico, we aim to simplify the process to the best of our ability. With world-class cryptographic expertise, a delightful and versatile product portfolio, and a committed professional services support team, Yubico is here to help your organization every step of the way.

    To learn more about how to determine your passwordless strategy, read our
    Bridge to Passwordless: Key Considerations whitepaper. Or, for a primer on how to “separate fact from fiction” on passwordless check here.

    Share this article:

    Share on FacebookShare on XShare on LinkedInShare via Email

    Recommended Posts

    • Australian government leading on cybersecurity efforts toward phishing-resistance for all citizens and businesses

      Over the last few weeks, the Australian government has made big strides in further bolstering its digital security posture by enacting major cybersecurity measures. Australia has a goal to be a global leader in cybersecurity by 2030, and these recent measures are making impactful steps toward reaching this mission. First, the government announced that myGov […]

      Read more
      • Australia
      • government
      • phishing-resistant MFA
    • Coming soon: ‘Bring Your Own Key’ capability in YubiHSM 2 will bring the most flexible and highest assurance solution for data security and portability for multi-cloud environments

      Creating a robust data encryption strategy in a multi-cloud environment can be challenging. Considerations like availability, fail-over, control, cost and compliance are crucial. For organizations that are encrypting data on-premises and considering moving data to the cloud, a typical approach is to use an on-premises Hardware Security Module (HSM) or a cloud-based HSM. However, acquiring […]

      Read more
      • BYOK
      • YubiHSM 2
    • Resolve to be cyber resilient: Moving on from legacy MFA in energy and natural resources

      Every November, Critical Infrastructure Security and Resilience (CISR) Month focuses on educating the vital role critical infrastructure plays in the nation’s well being. Led by Cybersecurity and Infrastructure Security Agency (CISA), the conversation centers around why it’s important to strengthen critical infrastructure security and resilience.  One of the critical infrastructures, energy and natural resources, is […]

      Read more
      • CISA
      • energy and natural resources
      • PIV
      • smart card
    • Transcending passwordless authentication with HYPR and Yubico

      In today’s ever-evolving cyberthreat landscape, organizations face increasing challenges in securing their sensitive data and systems from sophisticated attacks like AI-strengthened phishing campaigns or impersonation attacks backed by spates of leaked PII . Even in today’s environments where new, ever larger, breaches make news every week, we’re continuing to see enterprises and employees across the […]

      Read more
      • HYPR
      • partner
      • passwordless
      • survey
Yubico Text LogoYubico Text Logo
  • RSS
  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • GitHub
  • Product finder quiz
  • Find set-up guides
  • Buy online
  • Contact sales
  • Get Yubico updates
  • Careers
  • Events
  • Press room
  • About us
  • Investors
  • Partner programs
  • Affiliate program
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • Yubico Authenticator
  • Zero Trust
  • Phishing-resistant MFA
  • Passwordless
  • Cyber insurance
  • More solutions
  • Industries overview
  • Yubico blog
  • Resource library
  • Cybersecurity glossary
  • Authentication standards
  • Developer program
  • Works with YubiKey
  • Help center
  • Downloads
  • Product documentation
  • Support Services
  • Professional Services
  • Contact support
Yubico © 2023 All Rights Reserved.
  • Sitemap
  • Cookies
  • Legal
  • Privacy
  • Patents
  • Terms of use
  • Trust