For regulatory compliance

Drive regulatory compliance with government and
industry-approved strong two-factor, multi-factor,
and passwordless authentication
lock on keyboard

Modern strong authentication
for governments and highly security-conscious organizations

The YubiKey provides FIPS 140-2 validated strong phishing-resistant two-factor, multi-factor, and passwordless authentication at scale, helping government agencies and highly regulated enterprises drive compliance to global and local industry regulations.


Securing Your Critical Assets in an Ever-Changing Regulatory Environment

Learn about Security, Compliance, and Modern Strong Authentication.

ebook cover with lock

Need to adopt a zero trust architecture and deploy MFA per the U. S. Executive Order on Improving the Nation’s Cybersecurity? Yubico can help with strong authentication that supports zero trust initiatives.

yubikey on globe

Strong two-factor, multi-factor and passwordless authentication

YubiKeys offer phishing-resistant strong authentication, and are the only solution proven to stop account takeovers in independent research.

YubiKeys for two-factor, multi-factor, and passwordless authentication are helping global organizations drive compliance to regulatory authentication requirements across a wide variety of industries.

gov building at night

Meets Federal Government compliance requirements

Yubico solutions are fully vetted and approved for sale throughout the public sector, both domestically in the United States and abroad.

YubiKeys are FIPS 140-2 validated (Overall Level 1 (Certificate #3907) and Level 2 (Certificate #3914), Physical Security Level 3), to NIST SP 800-63-3 Authenticator Assurance Level (AAL) 3 requirements. They are also Department of Defense Cybersecurity Maturity Model Certification (CMMC) Level III and FedRAMP compliant, and support DFARS/NIST SP 800-171.

woman working at computer

Drives compliance to global financial services regulations

The financial industry has many compliance requirements to contend with. There have been a number of wide-sweeping changes to financial benchmarks (LIBOR), new state and Global privacy laws (GDPR), executive orders, and also indications of revisions to PCI DSS.

The YubiKey helps financial organizations satisfy strong authentication requirements related to PII and payment information, for PCI DSS, GLBA, FFIEC, PSD2, eIDAS, SOX, SOC2, GDPR, DORA, as well as state and local laws such as CCPA and 23 NYCRR 500.

healthcare worker using yubikey

Satisfies strong authentication requirements for global healthcare regulations

Despite regulatory pressures across the healthcare industry to protect the privacy and security of PHI and IP, common obstacles to improving authentication exist, including hybrid infrastructure challenges.

The YubiKey offers modern strong authentication at scale that healthcare organizations can leverage to satisfy authentication requirements for HIPAA, HITECH, 21 CFR Part 11, the Support Act/EPCS, ONC Cures Act Final Rule, GDPR, and CCPA. A single YubiKey supports multiple authentication protocols, making it an ideal solution for strong authentication across both legacy and modern infrastructures.

man working with hardhat

Meets regulations for energy and natural resources organizations

The 2020 Colonial Pipeline hack drove White House Cybersecurity Executive Order #14028 mandating Zero Trust and impersonation-resistant MFA, and the TSA Security Directives 2021-01 and 2021-02 for Pipeline owners and operators, to implement special mitigation measures to protect against ransomware and other cyber threats.

The FIPS 140-2 validated YubiKey meets NIST SP 800-63B Authenticator Assurance Level (AAL) 3 requirements, enabling energy, utilities, and oil and gas entities to comply with EO #14028, the TSA Security Directives, and other government regulations like Sarbanes-Oxley (SOX), the Federal Energy Regulation Commission (FERC), and North American Electric Reliability Commission (NERC) Critical Infrastructure Protection Standards.


Learn more about the YubiKey for Regulatory Compliance

compliance federal gov white paper cover with gov building
How the YubiKey meets U.S. Federal Government regulations
financial white paper cover with laptop
How the YubiKey meets global financial services regulations
healthcare white paper with workers
How the YubiKey helps global healthcare organizations meet regulatory requirements
array of logos

Additional resources

Webinar

CMMC: Recommendations to navigate the new Cyber Certification requirements

Webinar

The President’s Cybersecurity Executive Order: Achieve zero trust and strong MFA

Get Started

YubiKey 5 series

Find the right YubiKey

Contact our sales team for a personalized assessment of your company’s needs.

YubiKey in an ice cream cone
Get protected today

Browse our online store today and buy the right YubiKey for you.