The dark side of the mobile authentication strategy

Not all MFA is created equal

Despite the growing tide and sophistication of cyber attacks, organizations continue to rely on legacy authentication methods such as usernames and passwords and mobile-based authenticators to secure access to critical and sensitive applications and data. A recent Google Cloud report indicates that 50% of compromises of enterprise cloud environments in Q4 2022 could be attributed to weak passwords. 

Organizations face mounting pressure from regulators and cyber insurers to strengthen cybersecurity defenses with multi-factor authentication (MFA), adding one or more additional pieces of evidence to the authentication process. However, while any form of MFA will offer better security than password-based authentication alone, the truth is that not all MFA is created equal. 

Legacy mobile-based MFA methods such as SMS, one-time passcodes (OTP) and push notification apps are highly susceptible to account takeovers from phishing, social engineering and man-in-the-middle (MiTM) attacks. And yet, up to 53% of organizations choose mobile-based authentication as their MFA form factor. Why is that? Because most organizations remain unaware of the security risks with mobile authentication.

Today a data breach costs an average of $9.44M in the US and $4.35M globally, but cyber attacks can also erode trust, disable critical infrastructure, disrupt core operations, increase cyber insurance premiums and result in the loss of intellectual property. Successful cyber attacks are the reason why regulators now specifically mandate phishing-resistant MFA, including the White House Executive Order 14028, Office of Management and Budget (OMB) Memo 22-09 and the National Security Memorandum/NSM-8 in the US, NIS2 for the EU and the global PCI DSS v4.0 standard. And yet across the industry, confusion still exists about what forms of MFA are truly secure or phishing-resistant.

The dark truth is that no form of mobile authentication is phishing-resistant. Further, your MFA strategy ROI can vary widely in terms of cost, user experience, coverage and even the ability to bridge to a passwordless future, depending on what MFA approach you choose. 

In this whitepaper, we’ll reveal the top five mobile authentication misconceptions to help you re-evaluate your long-term MFA strategy and to consider the shift to modern MFA. In fact, we’ll demonstrate that legacy mobile-based MFA is broken, and how you can achieve modern, phishing-resistant MFA with an estimated ROI as high as 203%.

 

Common forms of mobile authentication

The most common forms of mobile authentication rely on the human element—the manual entry of an output (code) or the approval of a sign-in request. The human element of authentication can have a direct impact on security risk, user productivity and support costs if the solution doesn’t offer an optimal user experience. In fact, 82% of data breaches can be tied to the human element—social attacks, credential theft, misuse or errors.

Five common misconceptions related to mobile authentication

Here are the top five mobile authentication misconceptions that put organizations at risk of account takeovers and increased OpEx and CapEx costs, if not addressed:

 

  • #1: Mobile authentication is phishing-resistant 
  • #2: Mobile authentication is cost-effective
  • #3: Mobile authentication is user-friendly
  • #4: Mobile authentication offers 360° coverage
  • #5: Mobile authentication is future-proofed
 

 

YubiKey offers simple, phishing-resistant MFA

Yubico created the YubiKey, a hardware security key that supports phishing-resistant two-factor, MFA and passwordless authentication at scale with an optimized user experience.

The YubiKey is a multi-protocol key, supporting both PIV/smart card and FIDO2/WebAuthn standards along with OTP and OpenPGP, integrating seamlessly into both legacy and modern environments, helping organizations bridge to a passwordless future supported by hardware-bound passkeys.

Modern hardware security keys such as the YubiKey provide an authentication process that is free of human error, offering organizations a path to zero trust that is proven to reduce risk by 99.9%. The YubiKey works across the organization and in places legacy MFA can’t, free from reliance on external power, batteries or network connection.

The YubiKey is designed to deliver a great user experience, letting users securely log in to over one thousand products, services and applications, including leading identity and access management (IAM) platforms, privileged access management (PAM) solutions and cloud services, with the secrets never shared between services.

 

Getting started is easy

Net Universe has been recognized as the Yubico Strategic Partner of 2022. This award is a testament to our ongoing commitment to delivering the best security solutions to our clients.

Combining IT and logistics services, Net Universe is the only authorized YubiKey distributor that has the ability to distribute or collect equipment anywhere in the world, without customs barriers, at the best cost and in times that no one can beat.

If you need the best conditions to purchase Yubico products and licenses please visit our shop.

If you want to learn about our Yubico solutions with integrated logistics services, taking your company to the next level, please make an appointment with a specialist.

 

Decoding the Future of Hybrid and Remote Work

 We break down the main trends that shape the present and future landscape of hybrid and remote work:

 

New Norm: The Hybrid Work Framework

The hybrid work paradigm, where employees can oscillate between remote and in-office work, is gaining prominence post-pandemic. This model offers flexibility, monetary savings, and conserves time for employees, while enabling companies to economize on physical workspace and other related resources. Although some businesses are reverting to fully in-person operations, many others are gravitating towards this blend of remote and onsite work.

 

Flexibility Takes Centre Stage

Flexible work arrangements are driving the preference for remote or hybrid models over traditional five-day office weeks. Factors such as childcare responsibilities, mental wellbeing, and personal fitness have all contributed to this shift. The ability to choose one’s work time and place has led to increased productivity and job satisfaction, despite longer work hours. A telling stat is that 46% of employees in hybrid work models with flexible hours have reported heightened job satisfaction.

In response to this demand for better work-life balance, many organizations are setting boundaries on work expectations, encouraging breaks, and discouraging out-of-hours work. This flexible approach has significantly improved workplace culture and team dynamics.

 

Technology: The Backbone of Remote Work

Advancements in technology continue to facilitate remote work. Tools such as Zoom, Skype, and Microsoft Teams have become integral to our work routines, playing a pivotal role in maintaining high levels of engagement. Businesses are now investing heavily in technology for seamless communication and collaboration within remote teams. Tools for video conferencing, project management, and cloud storage, as well as advancements in areas like artificial intelligence, are enabling employees to enrich their work experience remotely.

 

Wellness: More Than Just a Buzzword

Emphasizing employee wellness, organizations are introducing wellness programs and resources to counter the isolation and potential burnout of remote work. Digital yoga and fitness classes, paid wellness or mental health days, and even virtual happy hours all contribute to an employee’s sense of wellbeing and connectedness, helping them maintain a healthy work-life balance.

 

Diversity, Equity and Inclusion: More Than Just a Checkbox

Remote work is instrumental in fostering diversity and inclusion by enabling companies to source talent globally. Organizations are adopting policies to ensure that remote workers are integrated into the company culture and decision-making processes. By fostering diverse and inclusive teams, businesses can stimulate a working environment conducive to innovation and success.

 

Environmental Sustainability: The Green Advantage

Remote and hybrid work models can significantly reduce carbon emissions by cutting down on commuting. By supporting such models, businesses also enable employees to utilize time otherwise spent on commuting for personal activities. This not only promotes employee satisfaction but also contributes to environmental sustainability.

 

Revolutionizing Workforce Management

Managing a remote workforce demands a different skill set than managing an in-person team. Businesses are acknowledging this and investing in training their managers on crucial aspects of hybrid and remote team management, such as effective communication, productivity assessment, and utilizing collaboration tools. This focus on equipping managers with the right skills can significantly contribute to the success of digital transformation.

 

Remote Workforce Provisioning: The New Frontier

In the realm of hybrid and remote work, effective and efficient workforce provisioning has emerged as a crucial element. This pertains to the supply and management of necessary resources that enable employees to work remotely without hindrances.

It involves onboarding and offboarding processes: having equipment (laptops, monitors, accessories, etc.) ready to deliver to new hires at the indicated time, as well as picking it up from the homes of employees leaving the company, coordinating the pick-up, tracking the shipment and delivering it to the office or warehouse where inventories are stored.

To refresh IT equipment, the new asset must be sent and exchanged for the one the user is currently using, with the coordination and follow-up that this implies. This requires technical time (software installation, hardware reconditioning) as well as administrative and logistics time. It becomes especially complex for global companies, where the employee could live anywhere in the world.

To support companies with hybrid and remote workforces, Net Universe has created the Provisioning & Collection (P&C) service. A client can contract the shipping and recovery of laptops (and accessories), and can also use our own warehouses, strategically distributed across different continents, where an inventory of each client’s equipment is stored, conditioned with the base software installed, managed, controlled and sent anywhere in the world, even to countries where shipping equipment is complicated by customs restrictions or unfavorable local conditions.

This service is increasingly used by companies of different sizes, from large global companies to smaller ones with operations in certain regions.

 

P&C: How does it work?

In essence, remote workforce provisioning is about providing employees with the means to perform their roles effectively in a remote setting, ensuring they can deliver their best work, no matter where they are located. By addressing these areas, businesses can ensure a smoother transition to remote working models, resulting in increased employee satisfaction and productivity.

In summary, the future of hybrid and remote work hinges on flexibility, employee empowerment, and a healthy work-life balance. By focusing on technology, employee wellness, inclusive workspaces, and innovative remote workforce management, businesses can foster a thriving hybrid or remote work culture that benefits employees, customers, and ultimately, their own success.

If you want to learn more about Net Universe Provisioning & Collection services and how Net Universe can help your company optimize IT Supply Chain processes, visit https://www.netuniversecorp.com/provisioning-collection/

 

New study from Yubico reveals now is the time to move from legacy authentication to modern, phishing-resistant MFA

Study finds 59% of enterprises report experiencing a data breach last year, yet 91% are still relying on usernames and passwords as their form of authentication

SANTA CLARA, CA and STOCKHOLM, SWEDEN – April 25, 2023 – Yubico, the leading provider of hardware authentication security keys, today at RSA Conference in San Francisco unveiled the results of a new research report conducted by S&P Global Market Intelligence. Commissioned by Yubico, the report surveyed over 500 IT leaders in the US and Canada and explored the top multi-factor authentication (MFA) trends among businesses today and the critical forces shaping authentication – including the impacts of government and regulatory compliance. This report is a sequel to a previous study that the companies conducted in 2021 and demonstrates how sentiments and behaviors have shifted when it comes to the adoption of MFA. 

Over the last two years, respondents reported a continued reliance on the least secure forms of authentication, including traditional usernames and passwords and one-time passwords (OTPs). This is surprising considering 59% of respondents reported having a security breach within the past year – up 6% from just two years ago. Additionally, the report revealed a significant increase in MFA deployment for customers, which jumped to 57% from 45% (a 12% increase). 

“Not all MFA is equal, and even though businesses know legacy MFA tools are not effective to stay secure, we’re seeing they’re still using them as primary tools of defense,” said Ronnie Manning, chief marketing officer, Yubico. “Now more than ever, education around the importance of phishing-resistant MFA is critical to officially move away from legacy MFA tools that are leaving thousands of businesses exposed to cyberattacks around the world.”

The survey highlighted many additional key findings, including:

  • Only 46% of respondents protect their enterprise applications with MFA  
  • Nearly 74% have some level of concern about the security of SMS or push-based authentication
  • In general, the least secure methods of authentication such as passwords and SMS-based MFA are deployed most frequently
    • Username and password ranks at the top with 91% response selection, while hardware-based USB security keys (62%), biometrics (59%), passwordless MFA (58%) and smart cards (58%) are the least deployed
  • Nearly three-fourths (69%) of respondents have some level of concern about the security of SMS or push-based authentication

“These survey results show a clear disconnect between the reality we’re facing of constant rising threats of sophisticated cyberattacks like phishing, and the actions that businesses are taking to stay secure,” said Manning. “There remains a considerable gap between the security and useability tradeoff of MFA tools, and this is highlighted by some confusion regarding phishing-resistant MFA and how the most secure tools like security keys can actually offer the best balance of cost savings and ease-of-use.”

The survey also revealed critical forces shaping authentication and a foundation for the adoption of modern MFA, including the Executive Order (EO) on Cybersecurity issued by President Biden in May of 2021 in response to the US Office of Management and Budget issued Memo M-22-09. Nearly two-thirds (64%) have heard of the White House EO and related OMB guidance regarding phishing-resistant MFA and 91% of respondents report being familiar with FIDO standards. It’s clear that many organizations have responded to the call for more secure forms of authentication, but there is still a need to spread awareness and increase education around phishing-resistant MFA overall.

To see the results of the survey and download the report, visit here. Learn more about the YubiKey and phishing-resistant MFA here. If you’re attending the RSA Conference, be sure to stop by Yubico’s booth S-4300 Moscone South.

About the study

The report was commissioned by Yubico and its findings presented in this report draw on a North American survey fielded in December 2022/January 2023. Respondents were based in the United States and Canada in company sizes of 500+ FTE. The survey targeted senior professionals and executives in IT security, compliance, and cyber risk. All respondents were screened for being involved in their organization’s purchase of security products and knowledgeability about MFA. Respondents were from the following industries: Education, Financial Services, Public Sector, Healthcare, Hospitality, Manufacturing, Media, Professional Services, Retail, Technology, Transportation and Logistics. This report also draws on contextual knowledge of additional research conducted by S&P Global Market Intelligence.

About Yubico

Yubico, the inventor of the YubiKey, makes secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based authentication security at scale. 

YubiKeys are the gold standard for phishing-resistant multi-factor authentication (MFA), enabling a single device to work across hundreds of consumer and enterprise applications and services. Yubico’s technology enables secure authentication, encryption, and code signing and is used and loved by many of the world’s largest organizations and millions of customers in more than 160 countries. 

Aligned with its mission of making the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. Yubico has presence around the globe and offices in Santa Clara, San Francisco, Seattle area, and Stockholm. 


About Net Universe

Net Universe has been recognized as the Yubico Strategic Partner of 2022 and has the full range of YubiKey, with worldwide shipping.

Combining IT and logistics services, NetUniverse is the only authorized YubiKey distributor that has the ability to ship equipment anywhere in the world, without customs barriers, at the best cost and in times that no one can beat.

For more information, please visit: https://www.netuniversecorp.com/yubico/

 

Contact information:

[email protected]

The Total Economic Impact™ Of Yubico YubiKeys

Risk Reduction, Business Growth, And Efficiency Enabled By YubiKeys

Security leaders must deploy strong multifactor security solutions to protect their organizations, users, and customers. Forrester interviewed security leaders from five enterprises using YubiKeys and found that YubiKeys slashed exposure to security breaches from phishing and credential thefts by 99.9% while driving business growth through improved reputation and access to high-security contracts. Further, YubiKeys reduced administrative overhead while providing a flexible, dependable user experience.

YubiKeys are hardware-based, phishing-resistant multifactor authentication (MFA) solutions based on open standards that are produced by Yubico. YubiKeys support a vast range of authentication protocols and come in a wide variety of form factors and connectors, such as USB-A, USB-C, Lightning, and NFC, ensuring that they can be used by almost any organization and user on almost any device.

Phishing-resistant MFA on Azure AD with YubiKeys now generally available

Following last November’s announced public preview of Azure AD Certificate-based authentication (CBA) on iOS and Android devices using certificates on hardware security keys, we’re excited to share that it is now generally available for everyone! Be sure to check out Microsoft’s blog post detailing the general availability here for more information.

As mentioned previously, CBA (which you may know as PIV or as smart cards), is widely deployed across many industries and for a long time has been a favorite amongst security experts. It is currently the only form of phishing-resistant authentication within Azure that is supported on mobile devices, which is an important factor for an organization when deciding which scheme to adopt. The lack of strong and convenient authentication methods on mobile has been holding back organizations from requiring phishing-resistant authentication everywhere.

“As the threat of sophisticated cyberattacks continues to rise, ensuring our customers have access to phishing-resistant MFA methods like YubiKeys while using our products and platforms is critical,” said Natee Pretikul, Principal Product Management Lead, Microsoft Security division. “Thanks to our collaboration with Yubico, we’re thrilled that our federal government and enterprise customers can now use Azure AD CBA on iOS and Android devices to comply with the Executive Order on improving the Nation’s Cybersecurity that directs the use of phishing-resistant MFA on all device platforms.”

Azure AD and YubiKey support for phishing-resistant authentication continues to grow day by day. Check out some of the simple ways your organization can now help prevent phishing with CBA. All of these can be enabled with YubiKeys and Azure AD, all without passwords on your mobile devices: 

  • Sign-in to your favorite Microsoft first party applications like Office, Teams, Outlook and many more.
  • Sign-in to other 3rd party applications, or even your organization’s custom apps protected with Azure AD.
  • Sign-in to Edge profiles which then allows Single Sign-On (SSO) to all your favorite Azure AD protected web applications. 
  • Sign-in to your Azure Virtual Desktops with the web client.
  • Is your organization still using AD FS for CBA? YubiKeys on mobile devices are supported there too.

Now with this new support on mobile, your organization can take the next step and require the strongest Conditional Access Policy Authentication Strength, using certificate based authentication everywhere, even on mobile devices. Using Conditional Access Policies, your organization can block any sign-in attempt that does not use CBA.

Setting up CBA on Azure requires some basic configuration steps within Azure AD and for many apps it will require the installation of the Microsoft Authenticator app on Android or iOS/iPadOS. The Yubico Authenticator app is also needed on iOS/iPadOS and configured following these steps. Your existing YubiKey PIV/smart card issuance process does not need to change. And finally, set up Conditional Access Policies Authentication Strengths so you can see how access is blocked if you don’t use CBA.

Now that you are all set up, go and try it out – you’ll find that the process is extremely easy and user-friendly. If you want to learn more about all the other things YubiKeys can do with Azure AD CBA beyond mobile, see these pages here to help you on your phishing-resistant authentication journey with Azure AD.

——

For more information, don’t miss our upcoming webinar with Microsoft on June 15 at 9am PT, “Prevent phishing with Azure AD CBA and YubiKeys on mobile devices” – register in advance here.

Review of The Wall Street Journal about YubiKey

The Strongest Protection for Online Accounts: The little Key called YubiKey

Passwords aren’t enough to fend off hackers; these dongles are the best defense.

The Wall Street Journal has published an article describing how leading platforms and providers, like Twitter and Apple, are migrating to and recommending the use of security keys to protect personal accounts.

“Strong passwords are very important, but they’re not enough to protect you from cybercriminals.

Passwords can be leaked or guessed. The key to online security is protecting your account with a strong secondary measure, typically a single-use code. This is referred to as “two-factor authentication,” or 2FA, as the nerds know it.”

Nicole Nguyen, from The Wall Street Journal explains about all the different types of 2FA, such as getting those codes sent via text message or generated in an authenticator app. Having any kind of second factor is better than none at all, but physical security keys—little dongles that you plug into a USB port or tap on your phone during account logins—offer the highest level of protection.

See the complete article at The Wall Street Journal website or download the publication.

 

In the article you can find a summary of the benefits of using a security key, like the YubiKey, and a list of questions you may have about it, such as:

  • Which security key should I use?
  • How do security keys work?
  • Why are they so secure?
  • What happens if you lose your key?
  • Where can you use a security key?
  • What comes after security keys?

The YubiKey

The YubiKey is hardware authentication reimagined. Secure the identities of your employees and users, reduce support costs, and experience an unmatched user experience.

How YubiKey works

No more reaching for your phone to open an app, or memorizing and typing in a code – simply touch the YubiKey to verify and you’re in. Additionally, you don’t need to use the YubiKey every time. Once an app or service is verified, it can stay trusted. It’s that easy.

Are you considering migrating to Google Workspace?

Net Universe offers seamless migration services, making your transition smooth and stress-free.

More than 25 years of experience and Google certified professionals.

Trust our 24/7 support center to assist you throughout the migration process.

Transform your business today by visiting our website to learn more. 

https://www.netuniversecorp.com/google/

 

Contact us: [email protected]

 

Streamline your virtual meetings with Google Meet hardware

Streamline your virtual meetings with Google Meet hardware taking advantage of the worldwide delivery services of Net Universe.

High-quality video conferencing made easy with seamless integration into your Google Workspace.

 

With our 24/7 support center, we’re always there to help you maximize your meeting experiences.

We sell the entire line of Google devices and hardware, both for end users and for offices and meeting rooms: Chromebook, Google Meet, etc.

 

Visit our website to explore our offerings and elevate your video meetings.

Upgrade your Google Workspace with ChromeOS devices

Upgrade your Google Workspace with ChromeOS devices and worldwide delivery of Net Universe!

Experience the speed, security and simplicity of Chromebooks and Chromeboxes.

Devices with Chrome Enterprise deliver a modern experience to employees with built-in security, fast deployment, and automatic updates.

 

 

Learn more about ChromeOS and explore our wide range of devices!

Buy ChromeOS devices in our Shop.

Contact us: [email protected]

 

We have Chromebooks designed specifically for business with the speed, durability, and security your teams need. We offer Chromebook Enterprise devices that come preconfigured with the Chrome Enterprise Upgrade to manage right out of the box.

Choose Net Universe for our comprehensive device selection and 24/7 support center, ensuring you have the right tools and assistance whenever needed.

Unleash the power of Google Workspace

Google Workspace

Unleash the power of Google Workspace with Net Universe!

Enhance your team’s collaboration, communication, and innovation using our top-notch services.

Our expertise in the sale of Google licenses, implementation and email migrations, combined with the logistics services of Net Universe to deliver equipment anywhere in the world, at the best cost and without barriers, will take your company to a level that you never imagined.


  • Net Universe offers seamless migration services from other email platforms to Google Workspace, ensuring a smooth transition for your business.
  • Benefit from our expert 24/7 support center that ensures your success.
  • Shop and worldwide delivery for all Google hardware products.

 

Discover the full Google Ecosystem possibilities.

Contact a specialist in Google services, Google Chrome Enterprise, Chromebooks and Google Meet hardware:

[email protected]

Make an appointment with a specialist.