• Contact Sales
  • Resellers
  • Support
Yubico Header Text LogoYubico Header Text Logo
Why Yubicoexpand_more
Why Yubico
  • Enterprises
  • SMBs
  • Individuals
  • Developers
  • Careers
  • Partner programs
  • Affiliate program
  • Contact Sales
  • Events
  • Press room
  • Yubico Blog
  • Yubico Executive Connect
  • About us
  • The team
  • Investors
  • Innovation history
  • Secure it Forward
Man holding YubiKey
Easy-to-use, secure authentication

With YubiKey there’s no tradeoff between great security and usability

Why YubiKey
Google headquarters
Proven at scale at Google

Google defends against account takeovers and reduces IT costs

Google Case Study
Hand holding YubiKey behind Apple iPhone
Protecting vulnerable organizations

Secure it Forward: One YubiKey donated for every 20 sold

Learn about Secure it Forward
Productsexpand_more
All products
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • YubiEnterprise Subscription
  • YubiEnterprise Delivery
  • Yubico Authenticator
  • Computer login tools
  • Software Development Toolkits
  • YubiCloud
  • Using YubiKey is easy
  • Find the right YubiKey
  • Works with YubiKey
  • Compare YubiKeys
Woman holding YubiKey 5ci
One key for hundreds of apps and services

YubiKey works out-of-the-box and has no client software or battery

Yubico protects you
See YubiKeys as a Service
YubiEnterprise Subscription delivers scale and savings

Gain a future-proofed solution and faster MFA rollouts

See YubiKeys as a Service
Solutionsexpand_more
Solutions overview
  • Zero Trust
  • Executive Order OMB M-22-09
  • Phishing-resistant MFA
  • Passwordless
  • Compliance
  • Cyber Insurance
  • Secure supply chain
  • Critical infrastructure
  • Hybrid & remote workers
  • Secure privileged users
  • Mobile restricted environments
  • Call centers
  • Shared workstations
  • Microsoft ecosystem
  • Salesforce workspace
  • IAM solutions
  • AWS environment
  • HYPR experience
Hand holding YubiKey behind Apple iPhone
The Bridge to Passwordless

Begin the journey to make your organization passwordless

Get the white paper
Lock on a laptop
Accelerate your Zero Trust Strategy

7 best strong authentication practices to jumpstart your Zero Trust program

Get the white paper
Government building
Federal cybersecurity requirements

See guidance for CIOs and leaders to prepare for the modern cyber threat era

Get the white paper
Industriesexpand_more
Industries overview
  • High tech
  • Federal government
  • Federal systems integrators
  • State & local government
  • Education
  • Financial services
  • Elections & campaigns
  • Retail & hospitality
  • Telecommunications
  • Healthcare
  • Pharmaceuticals
  • Cryptocurrency
  • Energy & natural resources
  • Manufacturing
man working a manufacturing line
Manufacturing and supply chain security

Authentication best practices for manufacturing using highest-assurance security

Get the white paper
Person looking at a computer with a government building showing
Phishing-resistant MFA: Fact vs. Fiction

Meet requirements for phishing-resistant MFA in OMB M-22-09 guidelines

Get the white paper
Remote workers at a wind farm
Secure energy and natural resources from cyber threats

Best practices for phishing-resistant MFA to safeguard your critical infrastructure

Get the white paper
Resourcesexpand_more
All resources
  • Yubico Blog
  • Cybersecurity glossary
  • Authentication standards
  • Resource library
  • Developer program
  • Product briefs
  • Solution briefs
  • Case studies
  • Get a pilot started
  • White papers and reports
  • Webinars
Laptop with a YubiKey inserted
BeyondTrust: secured with a subscription

A leader in Privileged Access Management simplifies YubiKey deployment

How they optimized ROI
S&P Global Market Intelligence report: old habits die hard

Only 46% of respondents protect their applications with MFA. How about you?

Read the report
Considering Passkeys for your Enterprise?

Learn how to avoid the common pitfalls of synced passkeys

Get the Ebook
Supportexpand_more
Support home
  • Find the right YubiKey
  • Set up your YubiKey
  • Downloads
  • Product documentation
  • Support articles
  • Support Services
  • Professional Services
  • YubiEnterprise Subscription
  • Works with YubiKey Program
  • Buying and shipping information
  • Security advisories
  • Help center
YubiKeys in lots of form factors
How to set up your YubiKey

Follow our guided tutorials to start protecting your favorite services

Set up your YubiKey
YubiKey on a keychain plugged into a laptop
Find the best YubiKey for your needs

Take the guided quiz and see which YubiKey best fits your or your businesses needs

Take the quiz
Worker with a calculator and laptop with a spreadsheet
Accelerate your YubiKey deployment

Technical and operational guidance for your YubiKey implementation and rollout

Professional Services
SubscribeStore
  • Critical infrastructure security

    Modern hardware-backed phishing-resistant authentication
    that stops modern cyber threats
    Learn more
    Home » Solutions » Critical infrastructure security

    Safeguarding vital sectors that humanity depends on with Zero Trust security

    workers in lab

    Across the globe there is an increasing number of malicious actors trying to cause mass disruption to public life and safety by targeting critical infrastructure with cyberattacks.

    These sectors are vital because their incapacitation or destruction would have a debilitating effect on a nation’s security or can pose a physical threat to human lives.

    Cyberattacks targeting critical infrastructure around the world1

    Critical infrastructure organizations that don’t adopt zero trust strategies2

    Electricity, oil & gas, and manufacturing firms experienced cyberattacks that impacted energy supply3

    Basic web application attacks involve the use of stolen credentials4

    “In our world, critical infrastructure is a high priority target for many nation states, so there will always be malicious actors looking to get in. In a worst case scenario, there could be a catastrophic failure of the primary plant. Some of those things can take years to replace.”

    OT Security Specialist, Anonymous State-Owned Energy Company

    How do you ensure that no user or device is allowed into your network unless vetted?

    Most cyberattacks, including ransomware, are caused by stolen credentials through phishing and simple human error. A core part of a successful cybersecurity zero trust approach depends on multi-factor authentication (MFA), but not all forms of MFA are created equal. 

    To protect against accounts takeovers from phishing and man-in-the-middle attacks, modern phishing-resistant authentication and hardware-backed security are the best way to safeguard the most critical information, processes, and informational technology (IT), and operational technology (OT), and industrial control systems (ICS) that our society depends on.


    Cyberthreats are on the rise. Yubico has you covered to protect against them.

    Yubico solutions provide robust security at scale and accelerate Zero Trust with phishing-resistant authentication. They play a pivotal role in stopping phishing attacks and account takeovers before they start, and making the internet safer for everyone. 

    worker with hardhat
    Protect user access to IT, OT and ICS systems with the YubiKey

    Whether in an industrial environment or corporate office, the IP68-certified YubiKey–a hardware security key with multi-protocol support–offers the most secure hardware-bound authenticator to protect user access. 

    YubiKeys stops 99.9% (5) of account takeovers while delivering a 203% ROI, and protects existing infrastructure while enabling the move to stronger phishing-resistant methods either: Smart card/PIV or FIDO.

    YubiHSM
    Protect devices and machines with the YubiHSM

    The world’s smallest HSM, YubiHSM 2, packs a lot of power, and offers game changing cryptographic protection for servers, applications, assembly lines, and computing devices. 

    Secure your public key infrastructure (PKI) environments, encrypt your files and databases, and securely sign code or any digital artifact to raise the bar for security for your critical infrastructure systems.

    Customer spotlight:

    Naftogaz enhances critical infrastructure protection

    with YubiKey

    As an important part of their strategy for developing energy independence and security, they are defending Ukraine’s national oil and gas company against cyber attacks. 

    View case study

    Access to phishing-resistant hardware-backed security has never been easier

    The work that you do matters and phishing-resistant authentication is a vital part of a successful comprehensive cybersecurity strategy that can protect you and all critical infrastructure organizations, anyone, and anywhere. In an interconnected world, everyone is responsible for strengthening the cybersecurity ecosystem.

    Industries


    Energy

    Utilities, energy, oil and gas entities can implement robust, easy-to-use authentication within

    Learn more
    Manufacturing

    Yubico solutions ensure highest-assurance security. Secure user access to critical…

    Learn more
    Financial Services

    The digital transformation underway in financial services is placing heightened demands on

    Learn more

    Healthcare

    Defense and civilian agencies require highest-assurance authentication. Yubico offers DOD approved, FIPS 140-2 validated multi-factor authentication for non PIV/CAC eligible workers, mobile and BYOAD/BYOD, air-gapped/closed networks, privileged users, remote workers and more.

    Learn more
    Telecommunications

    Retail and hospitality organizations are focused on delivering quality products or services to their customers while mitigating cybersecurity risks. Yubico ensures peace of mind that all sensitive information including customer, employee, and financial data is secure and brand reputation stays protected.

    Learn more
    Federal Government

    Yubico solutions ensure highest-assurance security. Secure user access to critical systems and data along the supply chain with the YubiKey for phishing-resistant MFA. Safeguard the assembly line, third-party access, intellectual property, and product integrity with the YubiHSM 2.

    Learn more
    Learn more about how we protect your industry

    image of two workers

    Boliden advances its reputation for

    innovation with YubiKeys

    “YubiKeys are a big enabler for digitization. They protect the identity of the end user and make their life easier. If a company moves towards digitization, you have to do it securely. It was different 15 years ago, but since more and more tools and functions are cloud based, it’s essential to protect identities.”

    Mathias Ignberg, Service Manager:
    Identity & Access Management and Cloud at Boliden

    View case study


    Secure critical infrastructure and invaluable resources

    Yubico solutions enable you to securely protect people, data, and systems all across the globe from modern cyber threats. Learn more about how phishing-resistant hardware-backed security covers a variety of business scenarios. 

    privileged access icon

    Privileged access >

    mobile restricted icon

    Mobile restricted >

    shared workstations icon

    Shared workstations >

    wifi icon

    Hybrid & remote workers >

    call center icon

    Call centers >

    supply chain icon

    Supply chain >

    third party access icon

    Third party access >

    customer icon

    End customers >


    Critical infrastructure cybersecurity that meets evolving compliance regulations

    Yubico solutions ensure that your organization meets evolving compliance regulations with phishing-resistant security. Both the YubiKey and YubiHSM 2 come in FIPS 140-2 validated form factors, and the YubiKey meets NIST SP 800-63-3 Authenticator Assurance Level (AAL) 3 requirements. The YubiKey is also available in CSPN-validated form factors.

    As part of the Enduring Security Framework (ESF), Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) for identity and access management best practices are recommending phishing-resistant MFA for all critical infrastructure sectors. 

    Guideline 800-63-4 details digital identity guidelines designed to help strengthen digital identity assurance and authentication and the need for phishing-resistant MFA.

    The EU Network and Information Security (NIS2) Directive Article 21 mandates the use of strong multi-factor authentication methods.  

    The Cyber Safety Review Board (CSRB) released a report urgently recommending that more stringent authentication solutions be implemented, transitioning away from SMS-based MFA and instead adopting easy-to-use passwordless solutions such as FIDO compliant phishing-resistant methods.

    The White House Executive Order (EO) 14028, Improving the Nation’s Cybersecurity, and the OMB M-22-09 is raising the bar for MFA and leveraging a zero trust framework with phishing-resistant MFA respectively.

    The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) classify phishing-resistant FIDO2 security keys as the most secure form of MFA, reaching MFA Maturity Level Three according to their Essential Eight Maturity Model.

    “It is important to note that not all MFA solutions provide equal protection against authentication attacks, and there are critical implementation details that can impact the security and usability of an MFA deployment.”

    Sourced from: 
ESF- Identity and Access Management Recommended Best Practices for Administrators 

    Partnering with best-in-class leaders across the globe

    See how global organizations are protecting critical infrastructure by investing in Yubico solutions for modern phishing-resistant MFA authentication and hardware-backed security.  

    A U.S. state uses the YubiKey to protect voter registration databases from hackers

    Read the case study >

    Schneider Electric enhances global supply chain security with YubiKeys and YubiHSM

    Read the case study >

    Government of Nunavut turns to phishing-resistant YubiKeys after ransomware attack

    Read the case study >

    No matter where you are on your cybersecurity journey, we’ll meet you there.

    With Yubico you have a trusted partner.

    Contact us

    1. Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression
    2. Cyber Attacks Against Critical Infrastructure Quietly Increase
    3. Cyber-Attacks on Industrial Assets Cost Firms Millions
    4. 2023 Verizon Data Breach Investigations Report
    5. The Total Economic Impact™ Of Yubico YubiKeys

Yubico Text LogoYubico Text Logo
  • RSS
  • Twitter
  • LinkedIn
  • Facebook
  • Instagram
  • YouTube
  • GitHub
  • Product finder quiz
  • Find set-up guides
  • Buy online
  • Contact sales
  • Get Yubico updates
  • Careers
  • Events
  • Press room
  • About us
  • Investors
  • Partner programs
  • Affiliate program
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • YubiHSM 2 & YubiHSM 2 FIPS
  • Yubico Authenticator
  • Zero Trust
  • Phishing-resistant MFA
  • Passwordless
  • Cyber insurance
  • More solutions
  • Industries overview
  • Yubico blog
  • Resource library
  • Cybersecurity glossary
  • Authentication standards
  • Developer program
  • Works with YubiKey
  • Help center
  • Downloads
  • Product documentation
  • Support Services
  • Professional Services
  • Contact support
Yubico © 2023 All Rights Reserved.
  • Sitemap
  • Cookies
  • Legal
  • Privacy
  • Patents
  • Terms of use
  • Trust