Linkbynet secures cloud environments with YubiKeys
Phishing-resistant MFA for employees and customers
Linkbynet supports digital transformation
Linkbynet, based in Saint-Denis, provides IT infrastructure and premium services to support the strategic transformation of its customers in France and around the world. They use tailored solutions and innovative technologies to design, secure, transform and optimize digital infrastructures and applications. This unique, end-to-end virtuous approach is based on four professions that enable companies to realize their full potential: Cloud Advisor, Cybersecurity, Cloud Transformer and Cloud Optimiser.
The challenge: securing cloud environments
As a provider of cloud optimization and managed services, maintaining strong digital security is essential. Upgrading authentication, and in particular implementing multi-factor authentication (MFA), was one of the key criteria within a wider project to strengthen security following the increased importance of cloud-based SaaS applications. For the purposes of managing the digital transformation of Linkbynet’s customers, the company wanted to increase the level of security in two areas:
- System administrators managing customer access
- Customers accessing their cloud-hosted resources through Linkbynet
“We use most of the platforms available on the market, so we needed a single tool to strengthen access security, both internally and for our customers. YubiKeys let us overcome all of these challenges: a maximum security level for a wide range of use cases, the most intuitive user experience and a competitive purchase price.”
The solution: a two-phase project
Before choosing Yubico, Linkbynet considered other solutions including Microsoft Authenticator, Google Authenticator and Fortitoken (the solution offered by Fortinet). However, these solutions did not provide the required level of security, ease of use, or the ability to meet all use cases at once. Yubico Authenticator App’s compatibility with Microsoft, Linux and Mac systems, as well as iOS and Android, offered considerable flexibility. On top of this, the multiple authentication protocols available on a single YubiKey offered compatibility with all different authentication methods required by applications used by LinkByNet. Lastly, the substantial volume of virtual token storage gave Linkbynet an MFA solution that could be used on the infrastructures of all its customers.
During the first phase, MFA was enabled on all applications supported by Linkbynet’s cloud federation tool (GCP, AWS and Alicloud via ADFS and Keycloak) for internal “technical” staff. Linkbynet’s customers can now log in to their cloud platform securely using the YubiKey. In total, it was rolled out to 600 users during this first phase.
During a second phase, MFA will be activated for all Linkbynet staff, using the YubiKey or the Yubico Authenticator App depending on the user profiles.
The results: optimized TCO and simplified user experience
Upgrading authentication at Linkbynet by implementing YubiKey has provided:
- Optimized Total Cost of Ownership
- Reduced IT costs
- Improved employee uptake thanks to a simplified authentication experience: employees only need to enter their credentials and press the YubiKey to gain instant access to the system, without having to enter (and remember) a complex password
- Flexibility of use: as YubiKey is compatible with Linkbynet’s various cloud environments, VPNs and other applications, as well as login, security levels can be easily customized according to user groups
- Compatibility with all major IAM solutions
Linkbynet plans to standardize the use of YubiKeys to secure access to the Fortinet VPN, as well as for login.
“Internally, uptake has been quite natural, thanks to the optimal user experience compared to other authentication methods. For our customers, this level of security was a prerequisite for accessing their cloud infrastructures, and some of them are also planning to use YubiKeys for their own internal needs.”