Enable secure privileged access management
Protect privileged accounts from phishing and account takeovers
Watch the webinar
Learn why securing privileged users and accounts with phishing-resistant multi-factor authentication (MFA) is a critical need across the industry.
Modern privileged access management
Privileged access management is critical, as these users are prime targets for cybercriminals. The YubiKey ensures that all privileged users follow a higher bar of security, in turn protecting organizations from account takeovers.
Modernize authentication for privileged users
New and varied threat vectors put privileged accounts at great risk. The majority of security breaches involve misuse of privileged credentials. This creates ready access to valuable information including intellectual property, business plans, and financial data, causing crippling consequences for the business.
YubiKeys bridge legacy MFA to modern protocols such as FIDO2 and WebAuthn. The YubiKey is based on hardware and the authentication secret is stored on a separate secure chip built into the YubiKey, so it cannot be copied or stolen. This makes it the best security for authenticating privileged users.
Stop phishing and account takeovers in their tracks
Phishing is the art of tricking people into revealing personal information, and usernames and passwords are often targeted for these types of attacks. 68% of the phishing emails blocked by Google today are new variations that were never seen before, indicating the fast pace of evolution of these threats.
YubiKeys have been proven to offer the highest levels of security against account takeovers in independent research, preventing targeted attacks. Even if a user is tricked into giving up their personal information the YubiKey isn’t fooled. User credentials are bound to the origin, so only the real site can authenticate with the key.
Enjoy strong security while driving high user adoption
Password and SMS-based security are highly vulnerable to phishing and porting scams, and also offer a poor user experience involving multiple steps. Users are plagued with password resets, account lockouts, dependency on cellular connectivity, waiting for SMS codes and more.
The YubiKey provides reliable hardware security that does not require a battery or network connectivity, so it is always on and accessible. It offers strong security that has been proven to eliminate account takeovers with one touch, and is 4 times faster than typing in an OTP.
Reduce password support incidents and lower IT operational costs
The average company loses $5.2M annually in lost productivity due to account lockouts according to the 2019 State of Password and Authentication Security Behaviors Report. Gartner estimates that 20-50% of helpdesk calls are for password resets, and Forrester estimates the cost of each incident to be approximately $70. These costs can be even higher for privileged users.
Reducing password-related support incidents saves organizations from high IT operational costs. The YubiKey has been proven to reduce support incidents by up to 92%, saving the organization money while increasing productivity for privileged users.
Case in point:
CERN protects admin accounts and server access with YubiKeys
CERN is the European Organization for Nuclear Research and one of the world’s most respected centers for scientific research. CERN has many critical computing services and account protection for administrators and operators became a top concern.
CERN wanted an authentication solution that was simple to use and could easily integrate into various systems. The organization adheres to a BYOD policy, so flexibility to work with multiple operating systems including Linux, Mac OS, and Windows, was another key necessity. The CERN team selected the YubiKey, which met all the usability and integration criteria.
The YubiKey was easily integrated into existing systems and seamlessly provides protection to users with just one touch. CERN plans to roll out YubiKeys to the larger organization including all administrators in the IT department, and to users with administrative access to systems in the data center.
“We are permanently evaluating our security footprint, and while we keep improving our computer security, we identified that there were a certain amount of accounts that could be considered a single point of failure. This is why we chose to roll out multi-factor authentication.”
“With regard to YubiKey deployment and usage, if our staff don’t say anything, that’s a sign they are generally happy. Given the silence, the YubiKey has been quite a success.”