Linkbynet secures cloud environments with YubiKeys

The challenge: securing cloud environments

As a provider of cloud optimization and managed services, maintaining strong digital security is essential. Upgrading authentication, and in particular implementing multi-factor authentication (MFA), was one of the key criteria within a wider project to strengthen security following the increased importance of cloud-based SaaS applications. For the purposes of managing the digital transformation of Linkbynet’s customers, the company wanted to increase the level of security in two areas:

• System administrators managing customer access
• Customers accessing their cloud-hosted resources through Linkbynet

“We use most of the platforms available on the market, so we needed a single tool to strengthen access security, both internally and for our customers. YubiKeys let us overcome all of these challenges: a maximum security level for a wide range of use cases, the most intuitive user experience and a competitive purchase price.”

The solution: a two-phase project

Before choosing Yubico, Linkbynet considered other solutions including Microsoft Authenticator, Google Authenticator and Fortitoken (the solution offered by Fortinet). However, these solutions did not provide the required level of security, ease of use, or the ability to meet all use cases at once. Yubico Authenticator App’s compatibility with Microsoft, Linux and Mac systems, as well as iOS and Android, offered considerable flexibility. On top of this, the multiple authentication protocols available on a single YubiKey offered compatibility with all different authentication methods required by applications used by LinkByNet. Lastly, the substantial volume of virtual token storage gave Linkbynet an MFA solution that could be used on the infrastructures of all its customers.

During the first phase, MFA was enabled on all applications supported by Linkbynet’s cloud federation tool (GCP, AWS and Alicloud via ADFS and Keycloak) for internal “technical” staff. Linkbynet’s customers can now log in to their cloud platform securely using the YubiKey. In total, it was rolled out to 600 users during this first phase.

During a second phase, MFA will be activated for all Linkbynet staff, using the YubiKey or the Yubico Authenticator App depending on the user profiles.

The results: optimized TCO and simplified user experience

Upgrading authentication at Linkbynet by implementing YubiKey has provided:

• Optimized Total Cost of Ownership
• Reduced IT costs
• Improved employee uptake thanks to a simplified authentication experience: employees only need to enter their credentials and press the YubiKey to gain instant access to the system, without having to enter (and remember) a complex password
• Flexibility of use: as YubiKey is compatible with Linkbynet’s various cloud environments, VPNs and other applications, as well as login, security levels can be easily customized according to user groups
• Compatibility with all major IAM solutions
  

Linkbynet plans to standardize the use of YubiKeys to secure access to the Fortinet VPN, as well as for login.

“Internally, uptake has been quite natural, thanks to the optimal user experience compared to other authentication methods. For our customers, this level of security was a prerequisite for accessing their cloud infrastructures, and some of them are also planning to use YubiKeys for their own internal needs.”