Last week, several Yubico leaders traveled to Washington, DC to attend the White House’s symposium focused on modernizing authentication in support of Executive Order 14028 on Improving the Nation’s Cybersecurity, and the OMB Memo M-22-09 describing the Federal Zero Trust architecture.
This event, organized by the Federal CIO & CISO and the Cybersecurity and Infrastructure Security Agency (CISA), brought together technical and executive identity and security leaders from industry and government. Attendees discussed challenges and solutions for federal departments, agencies, and critical infrastructure as they strengthen their identity and authentication systems while continuing to execute their missions and provide their services without interruption.
Yubico is honored to have been selected to participate in this event together with many of our esteemed colleagues from partners and customers in industry and government. We believe it can serve as a catalyst and foundation for deeper industry and government partnerships to solve some of the most difficult identity, authentication, integration, and lifecycle management issues facing all organizations deploying modern, phishing resistant authentication in highly complex and sensitive environments.
Multi-protocol technologies like the YubiKey provide the flexibility to use standards based phishing-resistant protocols such as passkeys (WebAuthn/FIDO) and PIV/CAC. Yubico believes using passkeys and PIV/CAC on one device is a great option for organizations where there is already an investment in PKI, and are looking to implement strong hardware-bound passkeys. YubiKeys are also FIPS certified and can be used as an AAL3 authenticator.
Additionally, YubiKeys can bridge the gap from legacy protocols to phishing resistant authentication with OTP supported on the same, certified device.
As federal departments and agencies, critical infrastructure, and the defense industrial base take up the mandate to have phishing-resistant authentication in place by the end of FY2024, and as many more organizations take up the challenge to rise to modern threats with state of the art defenses, we believe that more cross-company, cross-sector collaboration like this will be crucial to create or enhance solutions to meet all needs. Here’s to an early, well coordinated step to be followed by many more in this space!
Whether your organization is fully cloud native, or will still be using mainframe technology for the foreseeable future – or both – Yubico can help. Feel free to get in touch here for more information.
To learn more about how the YubiKey can be fully integrated into a Zero Trust architecture for phishing resistance, read our whitepaper, Modern Authentication for the Federal Government.