Atlassian unifies user authentication to improve employee productivity with YubiKeys
About our customer Atlassian
Atlassian is a leading provider of team collaboration and productivity software, with twelve worldwide offices in Australia, Netherlands, United States, Japan, India, Philippines and Turkey with many remote and mobile workers in their workforce. Atlassian builds collaboration and productivity software to help teams organize, discuss, and complete shared work. With more than 4,000 employees and many ecosystem partners, Atlassian tools are used by top organizations across the world to work better together and deliver quality results on time
The challenge: Simplify authentication, increase security, and retain productivity
Atlassian employees are involved in a broad range of diverse product and business operations. Prior to implementing Yubico, employees faced differing authentication methods in their daily operations, varying in their security level. As an example, developers might access various applications throughout the day, each time requiring an authentication exercise.
Staff training and management of diverse authentication methodologies required sophisticated support infrastructure with complex administrative execution. This also resulted in users facing several different authentications within a single work effort. Altassian’s challenge was to enhance their security posture without slowing down user authentication and workflow.
“Deploying YubiKeys in Atlassian helped improve our security and significantly increased user experience when it comes to 2FA.”
The solution: YubiKeys Enhances Security While Streamlining the User Experience
YubiKeys were able to address Atlassian’s need to simplify their employee’s authentication experience without sacrificing strong security. Users could follow strong two-factor or multi-factor authentication, all with an intuitive, fast and easy manner. And with strong phishing defense, YubiKeys enabled the workforce to stay protected against sophisticated phishing attacks.
Workflows that define the level of system access for users (and especially programmers) can now be serviced by a single YubiKey for multiple applications. This includes host access on-premise or in the cloud, ssh keys, and other multi-factor authentication use cases. One YubiKey, and its multiple uses, provides unified authentication for all applications and systems— increasing worker productivity with security and streamlining multiple (and risky OTP) platforms with a single device.
Atlassian centralized their software onto a single-sign on platform and enforced 2FA across all of their internal and SaaS applications, the majority of which are compatible with one of the many protocols that are supported by the YubiKey.
An additional comfort comes from knowing that YubiKeys make email phishing expeditions much more difficult by successfully thwarting phishing and man-in-the-middle attacks.
The results: Stronger security posture and increased productivity with YubiKeys
Atlassian employees have been provisioned with YubiKeys to increase productivity and provide simplicity for their wide variety of MFA needs. Atlassian is also evaluating FIDO2 Universal 2nd Factor (U2F) to completely eliminate OTP and to change legacy application authentication to YubiKey supported protocols. On top of that, Atlassian primarily utilizes the Yubikey 5C which allows for increased mobility such as working from the office or on the go.
Benefits of deploying the YubiKey:
- Strengthening security by introducing a highly phishing-resistant authentication approach
- Greatly reducing chances of account takeovers and man-in-the-middle attacks by eliminating less secure methods of authentication such as SMS and phone based OTP
- Strong security ROI and improved productivity
- Better end user experience for their developers making authentication as easy as touching a button
Sources