Synetis Eliminates Password Hassles and Bolsters Security with YubiKey

Protecting employee workstations against cyber threats

As CIO at Synetis, Ludovic Malle s responsibilities cover the firm s entire internal IT infrastructure. His responsibilities range from managing the physical infrastructure (such as network cabling) to supporting users in unlocking applications. Like any CIO, Malle works to secure Synetis against cyber threats—and securing all access points and employee workstations against phishing attacks was an urgent priority. The goal was to achieve the highest level of digital hygiene while preserving daily usability for employees.

“The problem was how to manage the encryption of the physical hard drives of employee workstations, while controlling user access to their workstations,” says Malle.

Previously, employees were required to set strong, complex passwords and renew them every 90 days which caused friction. A constant cycle of forgotten passwords placed a significant, yet preventable, burden on the IT team. Synetis needed a solution that offered the same or higher level of security with a simpler user interaction.

YubiKeys offer a future proofed and versatile solution

After benchmarking various solutions, Synetis opted to deploy the YubiKey, a phishing-resistant hardware security key that requires a physical touch or contactless tap to authenticate, blocking even the most sophisticated phishing and man-in-the-middle attacks. Developed, manufactured and programmed in Sweden, YubiKeys can store up to 100 passkeys, as well as Smart Card credentials and more, offering important flexibility for organisations of all sizes.

Other solutions offered by different providers were considered but did not fully meet the functional criteria at the time. While some alternatives also involved recurring costs, which weighed heavily in the decision, the YubiKey, based on a physical device, is a one-time purchase that quickly pays for itself, and therefore also stood out for its economic model.  Synetis were drawn to Yubico’s ability to offer highest assurance security with real ease of use. Not only did YubiKeys meet Synetis’ current needs, but their versatility offered the opportunity to explore new use cases in future. Almost immediately, usage of YubiKeys was expanded to protect access to servers.

YubiKey deployment entirely eliminates password reset requests

A proactive approach to employee communication with users regularly reminded by the IT team of the importance of the new access methods, ensured a successful deployment with strong adoption. Since introducing the YubiKey, the numerous requests to the IT team related to forgotten passwords have completely disappeared. This 100% reduction in password reset requests has freed up valuable time for the IT team to focus on higher-value initiatives. When YubiKeys are lost or forgotten, recovery procedures are well defined, allowing the IT team to save time. They also advise employees to attach their key to their badge with a key ring, which further limits the risk of forgetting or losing it.  

Workstations lock automatically when an employee removes their YubiKey—a simple but effective enhancement to workplace security. YubiKeys represent more than just a hardware security key,” says Malle. “There is no doubt that the YubiKeys will last for years. It is a futureproof choice that not only secures our systems today, but also prepares us for the challenges of tomorrow, while remaining easy to use for all our employees.” 

Looking to the future, Malle is considering further potential use cases, including using the YubiKey for SOC server applications, and to secure employees’ phones using NFC. The end goal is for the Yubikey to be used for as many functions as possible—including, like in many companies, as an access token for physical access.  

For more information about Synetis via the website https://www.synetis.com/