• Phishing-resistant MFA for State and Local Government

    Meet Zero Trust and cyber insurance mandates.
    Complete your MFA 100%

    Read the solution brief
    Home » Industries » YubiKey for State and Local Government

     Zero Trust security and phishing-resistant MFA for State and Local Government

    Phishing-resistant multi-factor authentication (MFA) and Zero Trust security architectures are key requirements per the executive order on improving the nation’s cybersecurity that was released on May 12, 2021, and the subsequent Office of Management and Budget (OMB) Memo M-22-09

    While MFA can be a strong first-line of defense against phishing and ransomware, not all forms of MFA are created equal. Legacy authentication such as usernames and passwords can be easily hacked, and mobile-based authentication such as SMS, OTP codes, and push notifications are highly susceptible to modern phishing attacks, malware, SIM swaps, and man-in-the-middle (MiTM) attacks.

    Mobile-based authentication also creates gaps in your MFA strategy when users can’t, don’t, or won’t use mobile authentication due to union restrictions, personal preferences, cellular geographic inconsistencies, financial reasons and more.

    Yubico offers the phishing-resistant, FIPS 140-2 validated YubiKey for highest-assurance multi-factor and passwordless authentication. YubiKeys are highly portable and simple to deploy and use, and are highly suitable for users that can’t, won’t, or don’t use mobile authentication, helping you achieve 100% MFA coverage and satisfy your cyber insurance MFA requirements.

    City of Southgate goes passwordless to meet CJIS

    ”Our mission is our citizens. From the vendors to the citizens that deal with us, we’re built for that—a fortress wall between threat actors and their data. I had to think of how would I break into there? How can I make it more difficult? People are looking at the state federal compliance from FBI CJIS and compliance standards like PCI DSS. So I look at it from the bad guys perspective to protect not just our people and our city, but our infrastructure. We’re a lot further along in securing our future by using the YubiKey.”
    Jason RuckerDirector of Information Technology,
    City of Southgate, Michigan

    WEBINAR

    Going passwordless and meeting CJIS at City of Southgate

    Join us for a candid discussion with Jason Rucker, Director of IT, City of Southgate, and Robb Ervin, Sr Solutions Engineer, Yubico to learn about the goals, timelines, obstacles and wins along their passwordless deployment journey.

    Benefits from the phishing-resistant YubiKey

    government building icon
    Federal compliant phishing-resistant MFA

    YubiKeys offer phishing-resistant security and are FIPS 140-2 validated to meet the highest authentication assurance level 3 requirements (AAL3) of NIST SP800-63B guidelines, Overall Level 1 (Certificate #3907) and Level 2 (Certificate #3914), Physical Security Level 3. YubiKeys are also CJIS, WebAUTHN, FIDO, FIDO2 and DFARS, and NIST SP 800-171 compliant.

    YubiKey icon
    Simple to deploy and use

    YubiKeys integrate seamlessly with existing identity and access management (IAM) and identity provider (IDP) solutions such as Microsoft, Okta, DUO, Ping, and over 1,000 applications and services out-of-the-box, including Google Suite, Microsoft Azure, Microsoft Office 365, Box, Jamf, and identity and credential management (ICAM) solutions, eliminating rip and replacement of existing solutions.

    electronic devices icon
    Built for portability and modern use cases

    The YubiKey enables phishing-resistant authentication for privileged users, employees, contractors, mobile users, cloud services, election infrastructure and even customer-facing digital services.Unlike mobile-based authenticators, YubiKeys are phishing resistant and purpose built for security, and don’t require Government Furnished Equipment (GFE) or a network connection. A single YubiKey works across multiple devices including desktops, laptops, mobile, tablets, notebooks, and shared workstations, enabling users to utilize the same key across devices. YubiKeys are also highly portable, enabling secure and CJIS-compliant access for users on the move such as law enforcement and first responders, and secure authentication without the use of mobile devices for employees that work in corrections departments.

    bar graph icon
    Reduce IT support costs and drive high ROI

    The combination of frictionless user experience, data breach prevention, mobile device and service cost savings, and the YubiKeys’ versatility with multi-protocol support results in high ROI for any environment. In addition to reducing risk by 99.9%, the YubiKey has been shown to drive a 203% 3-year ROI and a drop in password-related help desk tickets by 75%.

    Read more here
    “The biggest benefit is that you don’t have to use your phone and wait for that phone call or wait for that text message with the OTP. This is such a simpler solution where I just plug it in, tap the button and I’m done.”
    Curtis Chiuu Principal Systems Engineer, City of Sacramento

    WHITE PAPER

    Modernizing authentication across state, local, tribal and territorial governments

    Read the white paper to learn how to achieve 100% MFA coverage, ensure zero account takeovers and meet your cyber insurance MFA requirements.

    BEST PRACTICES GUIDE

    How to get started with phishing-resistant MFA to secure state, local, tribal and territorial governments

    Learn the six deployment best practices that can help your agency accelerate adoption of modern, phishing-resistant MFA at scale using the YubiKey.

    Procuring Yubico solutions

    Yubico solutions are available for procurement through multiple convenient channels.

    Engage with our Yubico Public Sector and Channel teams for strategic implementations:

    Contact us

    Email us

    Purchase options:
    via GSA or SEWP V contract
    Carahsoft Technology Corporation = GSA Multiple Award Schedule Contract # 47QSWA18D008F
    Aug 22, 2018- Aug 21, 2028

    NASA SEWP V

    NNG15SC03B/NNG15SC27B
    May 01, 2015- Apr 30, 2025

    ITES-SW2

    W52P1J-20-D-0042
    Aug 31, 2020- Aug 30, 2025
    *Additional Option Years Available
    Immix = GSA Contract # GS-35F-0511T / SEWP V NNG15SC16B (Category A, Group A) & NNG15SC39B (Category B, Group D)

    DUNS: 046832835
    CAGE Code: 6UUE2