Lessons from the SolarWinds incident

Last week, a large and expertly run espionage operation was made public — one that began no later than October 2019, and which had been actively exploiting victims since at least early 2020. This incident is particularly interesting for several reasons: for the breadth of sensitive global government and industry targets, for misuse of a

Sep 30, 2020

How NIST and eIDAS revisions are shaping the future of e-identification

This blog is co-authored by John Fontana, Standards Analyst at Yubico.  On both sides of the Atlantic, standards and regulations on electronic identification are being revised more or less simultaneously. In the United States, the National Institute of Standards and Technology (NIST) accepted public comments on its SP 800-63-3 Digital Identity Guidelines last month, which is on

authlite ecosystem showcase

The key to DFARS/NIST Compliance

There are only 8 weeks left before the Defense Federal Acquisition Regulation Supplement (DFARS) deadline, and now is the right time for US government contractors to secure Active Directory users. DFARS compliance was structured to protect unclassified US Department of Defense (DoD) information on a contractor’s internal information system from cyber incidents, and to minimize

Computer Login with YubiKey in Smart Card Mode

The humble smart card dates back to the 1970s, but the mature technology is not without innovation in a world of new-fangled authentication. Personal Identity Verification (PIV) smart cards, best known as staples in government agencies, incorporate standards developed by the National Institute of Standards and Technology (NIST). Yubico’s recent webinar, “YubiKey Smart Code Mode