Tag: government


May 2, 2022
YubiKeys protecting critical IT infrastructure in Ukraine
The Russian invasion of Ukraine is a battle in both the physical and the digital world. On both sides, information warfare plays a more critical part of the battlefield than any other war in human history, with the biggest attack vector and threat being weak login credentials. According to a Ukraine cybersecurity executive at a …

Feb 24, 2022
Supply chain security in 2022
The SolarWinds and Colonial Pipeline security breaches are two (of many) incidents that have made supply chain attacks go mainstream. The primary challenge for businesses is that supply chain defense isn’t easy given the hundreds, if not thousands of entry points that need to be monitored along the way. But there are best practices that …

Feb 3, 2022
Who can CISOs trust? Sharing information is both essential and a professional hazard
President Biden’s recent executive order on cybersecurity calls on the public sector to work with private companies to create more secure environments and emphasizes the importance of sharing information as a best practice. Many of us may see “information sharing” as a synonym for risk or liability as information sharing requires a lot of caution. …

Jan 18, 2022
Yubico’s top information security recommendations for 2022
Last week, we shared a look back at 2021, which experienced an increase in the number of high profile security breaches, many involving devastating ransomware attacks. Attackers preyed on traditionally softer targets like hospitals, schools, and local governments, in addition to the continued focus on the supply chain. Although the root cause for many of …

Aug 24, 2021
Zero Trust is the new regulatory minimum for Federal agencies: what does that mean for authentication?
The deadline is looming for federal agencies to implement impersonation-resistant multi-factor authentication (MFA), just one of the new stronger security requirements under President Biden’s new cybersecurity executive order (EO 14028). The EO puts security front and center to address some of the worst cyber attacks against the federal government, setting up new federal compliance expectations …

Aug 11, 2021
Everything you need to know about the revised eIDAS regulation
In June 2021, the EU Commission announced its plans for a revised eIDAS regulation. eIDAS (electronic IDentification, Authentication and trust Services) is the EU regulation 910/2014 on electronic identification and trust services in the EU. It came into force in 2014, so the revision is a major update to eIDAS. The past two years the …

Jun 21, 2021
Seven tips if you’re still scratching your head after reading Biden’s cybersecurity executive order
Yubico works with a lot of federal agencies and contractors, as well as with customers in regulated industries, so we understand the challenges new compliance regulations can bring. The executive order that was released May 12 can be seen as the federal government fully embracing the move toward multi-factor authentication (MFA) for use cases where …

Jun 16, 2021
Entrust to add support for YubiKeys with PIV alternative and PIV derived credentials, advancing secure mobile and desktop authentication
Today marks an important day for expanding Yubico’s reach to support the growing requirement for Government agencies to issue government credentials beyond Personal Identity Verification (PIV) cards. We are celebrating that our partner Entrust will soon launch support for derived PIV credentials for YubiKeys. Customers will be able to take advantage of YubiKeys with derived …

Jun 9, 2021
Yubico and ID.me provide remote identity proofing, YubiKey delivery, and strong authentication for NY Air National Guard (and see our joint presentation at Identiverse)
The pandemic has forced a digital transformation of how and where employees work at an accelerated rate, driving remote work scenarios for tens of thousands of state and federal personnel. These accelerated work scenarios require users to be strongly verified and authenticated. A strong binding between the remote identity proofing process and the authenticator is …