Jan 18, 2022
Yubico’s top information security recommendations for 2022
Last week, we shared a look back at 2021, which experienced an increase in the number of high profile security breaches, many involving devastating ransomware attacks. Attackers preyed on traditionally softer targets like hospitals, schools, and local governments, in addition to the continued focus on the supply chain. Although the root cause for many of …
Jan 11, 2022
2021: Both challenging and promising for cyber security
2021 was a challenging, yet promising year for cyber security. This past year, we saw critical infrastructure, which we may have taken for granted in the past, breached and disrupted. My father, who lives in Sweden, could not buy food in his local grocery store, and coworkers and friends on the east coast in the US …
Dec 9, 2021
MFA implementation and the users you need to reach: overachievers, traditionalists and cautious employees
When a breach investigation team assembles after an incident at a company or organization, misinformed users often get added to the ‘suspects list’ because accidents happen that sometimes lead to holes in security. Though everyone in a company means well, just like accidentally dropping a glass or losing your car keys, the reality is that …
Dec 6, 2021
A Day in the Life: Dispelling the Myths of Mobile Authentication
COVID-19 initiated the most rapid digital transformation ever witnessed—organizations fast-tracked two-factor and multi-factor authentication to transition millions of employees to work from home. But with remote and hybrid work likely to continue in 2022 and beyond, it’s time to step back and ask: is my in-use authentication as secure as I think it is? Is …
Nov 18, 2021
In passwordless authentication, who is holding the keys?
Strong authentication practices are based on validating a number of authentication factors to a relying party (RP) or identity provider (IDP) to prove you are who the RP expects. Examples of relying parties could be Dropbox or Salesforce. Identity providers, who can also be a relying party that interacts with the authenticator, include Microsoft Azure, …
Nov 11, 2021
Mitigation and incident response plans to help prevent ransomware attacks
We’ve all grown accustomed to a flood of ransomware attack news almost every week, with no end in sight. The recent arrest of two Ukrainian ransomware attackers demonstrates that the White House is serious about going on the offensive against ransomware distributors. But often enforcement could end up being a game of whack-a-mole — hit …
Nov 2, 2021
YubiEnterprise Delivery Service expands to 49 countries to help customers increase remote work security for distributed workforces
The past two years have seen a tremendous amount of change regarding normal business processes for companies around the world, and our customers are no exception. When YubiEnterprise Delivery was first launched in May of 2020, organizations and their workforces, partners, and customers were just beginning to grapple with the new challenges that the pandemic …
Oct 27, 2021
A new White House directive: Phishing resistance!
The US Government’s Office of Management and Budget recently issued its Draft Zero Trust Strategy, which would require that Federal agencies only use multi-factor authentication that is phishing resistant. This strategy comes on the heels of a number of other actions from the Executive Office of the President including a cybersecurity executive order in May. …
The top 5 mobile authentication misconceptions: Demystifying the myth versus reality of legacy MFA
Download the Yubico White Paper, The top 5 mobile authentication misconceptions to learn the key misconceptions related to mobile-based MFA that are a ticking time bomb, and putting organizations at risk.
Aug 24, 2021
Zero Trust is the new regulatory minimum for Federal agencies: what does that mean for authentication?
The deadline is looming for federal agencies to implement impersonation-resistant multi-factor authentication (MFA), just one of the new stronger security requirements under President Biden’s new cybersecurity executive order (EO 14028). The EO puts security front and center to address some of the worst cyber attacks against the federal government, setting up new federal compliance expectations …