© 2022 Yubico
Best practices to secure SMBs in an evolving cyber threat landscape
January 28, 2022
What we’ll cover
Evolving cyber threat and regulatory landscape
Cybersecurity risks facing SMBs
Critical need for phishing-resistant MFA
How to get started
Abdulghani,
IT Cloud Engineer,
Clouds Zone
Evolving cyber threat and regulatory landscape
We’re now squarely in the “new normal”
Secure hybrid work is here to stay…
Source: PEW Research Center, Dec 2020
Hackers thrive in crisis
FBI urges vigilance...
54%
300% increase in cyber crimes since COVID-19 started...
Source: FBI, 2021
Remote and hybrid work risks
Heightened threat vectors
Places Technology People
Remote workers are a high risk user category
Home networks are generally less secure; lower confidence in remote endpoints
Home networks not as secure as corporate
Risk engine not adapting quickly enough to changes
Accidental download of malware by family members
Falling prey to phishing attacks tied to the pandemic
Clear need to move beyond passwords
80% of hacking-related breaches use stolen credentials
Source: Verizon Data Breach Investigation Report
Cybersecurity risks facing SMBs
SMBs are prime targets for cyberattacks
Why?…
54%
Your data is very lucrative
Entry point for a larger attack
Limited resources or dedicated IT support
Inadequate cybersecurity training
Easy profit from ready access to data
Yet…SMBs grossly underestimate their risks
“Why would anyone target us?...
54%
1 in 3 breaches involved small to mid-sized businesses
Source: Verizon’s 2020 Data Breach Investigations Report (DBIR)
SMBs leaving themselves exposed
Writing passwords down on paper…spreadsheets, documents
54%
1 in 5 using insecure methods to store passwords
Source: Devolutions State of Cybersecurity in SMBs 2021 - 2022
A cybersecurity breach
Fatal for SMBs...
54%
60% close down within 6 months of a breach
Source: US National Cyber Security Alliance
SMBs need to secure digital transformation
● Secure the ways you fuel your business models
○ Ensure secure usage of social networks, and other communications channels, to generate demand, and stay connected with your customers.
● Ensure uninterrupted collaboration with your suppliers, partners and customers using software
○ Secure sharing of inventory information that enables flexibility and just in time shipping / delivery of supplies
● Secure usage of cloud-based applications
○ e.g. Using Salesforce.com to manage customer information
○ e.g. Workday for payroll and timesheets
Secure key SMB business scenarios
Remote and hybrid workers
Mobile restricted
Privileged users
Office workers
Shared workstations
Supply Chain
But there can be security challenges…
● Sifting through the options feels complicated
● Not sure of the right approach that will keep the business protected
● Limited IT support to get up and running
● Needs to be intuitive to drive up user adoption
You need an easy way to gain strong security, while making it a fast and easy process to enable user adoption
Critical need for strong authentication and phishing-resistant MFA that’s fast and easy
What you know
What you have
Who you are
What you know
Password
PIN
What you have
SMS OTP
Smart card
Security key
Who you are
Fingerprint
Face
Voice
Iris
Not all authentication is created equal
Username and password
Basic 2FA: SMS, email, mobile
Strong authentication
● Not purpose-built for security
● Uses existing technology stacks that are vulnerable to network and software attacks
● Common target for credential phishing
● Purpose-built for security
● No network connection, stored data, or client software required
● Highly phishing resistant
● Deployed everywhere
● Known usability gaps
● Costly and hard to sustain
● Common target for credential phishing
80% attack penetration rate
0% attack penetration rate
10%-50% attack penetration rate
Ease of use
Security
Phishable
Non-phishable
Some MFA is better than no MFA
...but not all MFA is phishing-resistant
Not all MFA is phishing resistant
Security key (YubiKey): 0%
On device prompt (OTP push app): 10%
Secondary email: 21%
SMS code: 24%
Phone number: 50%
Hardware FIDO security keys …proven to stop account takeovers in their tracks
Security
● Dedicated, security-focused chip
● Protect against phishing and MitM
Privacy
● No privacy risk being a personal device
● Can be anonymous, if desired
Portability
● Portable root of trust across all devices
● Mobile restricted areas, shared workstations
Reliability
● No battery or signal dependency
● Crush and water resistant
Affordability
● Easier recovery and multiple backups reduce support costs
TPM
Mobile apps/built-in authenticators have limitations
Twitter breach and recommendation...
“MFA is critical, but not all MFA methods are created equal. The most secure form of MFA is a physical security key, or hardware MFA, involving a USB key that is plugged into a computer to authenticate users. This type of hardware MFA would have stopped the Hackers, and Twitter is now implementing it in place of application-based MFA.”
How to get started
Rami Kayyali
CTO – The Kernel
No power, cellular connection, or client software required
Authenticate across desktop and mobile with a simple tap or touch
Natively supported by all major OSes and web browsers
Multi-protocol support for your systems as you grow
Subscription and delivery services that keep costs predictable and affordable
Transparent and secure supply chain
Lower TCO — costs less than a password reset!
YubiKey: Hardware security right-sized for SMBs
©
2022
Yubico
©
2021
Yubico

More Related Content

What's hot

Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the Enterprise
David J Rosenthal
 
TrendMicro DeepSecurity CASE - Testimonal
TrendMicro DeepSecurity CASE - TestimonalTrendMicro DeepSecurity CASE - Testimonal
TrendMicro DeepSecurity CASE - Testimonal
Eduardo Alves
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
Citrix
 
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
David J Rosenthal
 
Microsoft 365
Microsoft 365Microsoft 365
Microsoft 365
Jeannette Browning
 
IdM vs. IDaaS
IdM vs. IDaaSIdM vs. IDaaS
IdM vs. IDaaS
Drew Koenig
 
WatchGuard Firewall & Network Security
WatchGuard Firewall & Network SecurityWatchGuard Firewall & Network Security
WatchGuard Firewall & Network Security
Marketing Team
 
Prashant Saxena Business briefing Okta
Prashant Saxena Business briefing OktaPrashant Saxena Business briefing Okta
Prashant Saxena Business briefing Okta
University of Notre Dame
 
Securing and Managing Offce 365 with XenMobile
Securing and Managing Offce 365 with XenMobileSecuring and Managing Offce 365 with XenMobile
Securing and Managing Offce 365 with XenMobile
Citrix
 
Cisco ucs overview ibm team 2014 v.2 - handout
Cisco ucs overview   ibm team 2014 v.2 - handoutCisco ucs overview   ibm team 2014 v.2 - handout
Cisco ucs overview ibm team 2014 v.2 - handout
Sarmad Ibrahim
 
Extending Active Directory to Box for Seamless IT Management
Extending Active Directory to Box for Seamless IT ManagementExtending Active Directory to Box for Seamless IT Management
Extending Active Directory to Box for Seamless IT Management
Okta-Inc
 
5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority
Okta-Inc
 
Identity as a Service: a missing gap for moving enterprise applications in In...
Identity as a Service: a missing gap for moving enterprise applications in In...Identity as a Service: a missing gap for moving enterprise applications in In...
Identity as a Service: a missing gap for moving enterprise applications in In...
Hoang Tri Vo
 
Windows 10 Summit Keynote: Real Talk on Windows 10 with Microsoft
Windows 10 Summit Keynote: Real Talk on Windows 10 with MicrosoftWindows 10 Summit Keynote: Real Talk on Windows 10 with Microsoft
Windows 10 Summit Keynote: Real Talk on Windows 10 with Microsoft
Ivanti
 
Oktane13-O365_v2-JGAZARIK-OKTA
Oktane13-O365_v2-JGAZARIK-OKTAOktane13-O365_v2-JGAZARIK-OKTA
Oktane13-O365_v2-JGAZARIK-OKTA
Joseph Gazarik, MCSE, VCP, ITSMv3 Foundation
 
Cloud computing for making indonesia 4.0
Cloud computing for making indonesia 4.0 Cloud computing for making indonesia 4.0
Cloud computing for making indonesia 4.0
PT Datacomm Diangraha
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - Management
Olav Tvedt
 
IBB Energie AG
IBB Energie AGIBB Energie AG
IBB Energie AG
Cisco Case Studies
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
David J Rosenthal
 
Enterprise Mobility Suite
Enterprise Mobility SuiteEnterprise Mobility Suite
Enterprise Mobility Suite
Peter Daalmans
 

What's hot (20)

Windows 11 for the Enterprise
Windows 11 for the EnterpriseWindows 11 for the Enterprise
Windows 11 for the Enterprise
 
TrendMicro DeepSecurity CASE - Testimonal
TrendMicro DeepSecurity CASE - TestimonalTrendMicro DeepSecurity CASE - Testimonal
TrendMicro DeepSecurity CASE - Testimonal
 
Manage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data InfographicManage Risk By Protecting the Apps and Data Infographic
Manage Risk By Protecting the Apps and Data Infographic
 
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...
 
Microsoft 365
Microsoft 365Microsoft 365
Microsoft 365
 
IdM vs. IDaaS
IdM vs. IDaaSIdM vs. IDaaS
IdM vs. IDaaS
 
WatchGuard Firewall & Network Security
WatchGuard Firewall & Network SecurityWatchGuard Firewall & Network Security
WatchGuard Firewall & Network Security
 
Prashant Saxena Business briefing Okta
Prashant Saxena Business briefing OktaPrashant Saxena Business briefing Okta
Prashant Saxena Business briefing Okta
 
Securing and Managing Offce 365 with XenMobile
Securing and Managing Offce 365 with XenMobileSecuring and Managing Offce 365 with XenMobile
Securing and Managing Offce 365 with XenMobile
 
Cisco ucs overview ibm team 2014 v.2 - handout
Cisco ucs overview   ibm team 2014 v.2 - handoutCisco ucs overview   ibm team 2014 v.2 - handout
Cisco ucs overview ibm team 2014 v.2 - handout
 
Extending Active Directory to Box for Seamless IT Management
Extending Active Directory to Box for Seamless IT ManagementExtending Active Directory to Box for Seamless IT Management
Extending Active Directory to Box for Seamless IT Management
 
5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority5 Top Enterprises Making IAM a Priority
5 Top Enterprises Making IAM a Priority
 
Identity as a Service: a missing gap for moving enterprise applications in In...
Identity as a Service: a missing gap for moving enterprise applications in In...Identity as a Service: a missing gap for moving enterprise applications in In...
Identity as a Service: a missing gap for moving enterprise applications in In...
 
Windows 10 Summit Keynote: Real Talk on Windows 10 with Microsoft
Windows 10 Summit Keynote: Real Talk on Windows 10 with MicrosoftWindows 10 Summit Keynote: Real Talk on Windows 10 with Microsoft
Windows 10 Summit Keynote: Real Talk on Windows 10 with Microsoft
 
Oktane13-O365_v2-JGAZARIK-OKTA
Oktane13-O365_v2-JGAZARIK-OKTAOktane13-O365_v2-JGAZARIK-OKTA
Oktane13-O365_v2-JGAZARIK-OKTA
 
Cloud computing for making indonesia 4.0
Cloud computing for making indonesia 4.0 Cloud computing for making indonesia 4.0
Cloud computing for making indonesia 4.0
 
Modern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - ManagementModern Workplace Summit 2015 - Management
Modern Workplace Summit 2015 - Management
 
IBB Energie AG
IBB Energie AGIBB Energie AG
IBB Energie AG
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
 
Enterprise Mobility Suite
Enterprise Mobility SuiteEnterprise Mobility Suite
Enterprise Mobility Suite
 

Similar to The Best practices to secure smbs using yubico

Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptxInfinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
ssuser365526
 
Mind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_finalMind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_final
Moti Sagey מוטי שגיא
 
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Ulrich Seldeslachts
 
1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx
ssuserc1c6091
 
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptxWelcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
FIDO Alliance
 
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
FIDO Alliance
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
FIDO Alliance
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB Proposition
Group of company MUK
 
Security architecture proposal template
Security architecture proposal templateSecurity architecture proposal template
Security architecture proposal template
Moti Sagey מוטי שגיא
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - Mobiloitte
Mobiloitte
 
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
Group of company MUK
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.
Merry D'souza
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
FIDO Alliance
 
Csa summit seguridad en el sddc
Csa summit   seguridad en el sddcCsa summit   seguridad en el sddc
Csa summit seguridad en el sddc
CSA Argentina
 
Yubikey solution-brief-fips-r4-1
Yubikey solution-brief-fips-r4-1Yubikey solution-brief-fips-r4-1
Yubikey solution-brief-fips-r4-1
WJN
 
The State of Strong Authentication
The State of Strong AuthenticationThe State of Strong Authentication
The State of Strong Authentication
FIDO Alliance
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
FIDO Alliance
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Clouditalia Telecomunicazioni
 

Similar to The Best practices to secure smbs using yubico (20)

Infinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptxInfinity_Architecture_June_Webinar__Final_Wiki.pptx
Infinity_Architecture_June_Webinar__Final_Wiki.pptx
 
Mind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_finalMind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_final
 
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
Rombit LSEC IoTSecurity IoTSBOM CyberSec Europe 2022
 
1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx1ID2-KeyBank-CapitalOne.pptx
1ID2-KeyBank-CapitalOne.pptx
 
Welcome and FIDO Update.pptx
Welcome and FIDO Update.pptxWelcome and FIDO Update.pptx
Welcome and FIDO Update.pptx
 
FIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptxFIDO Alliance: Welcome and FIDO Update.pptx
FIDO Alliance: Welcome and FIDO Update.pptx
 
Intro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptxIntro to Passkeys and the State of Passwordless.pptx
Intro to Passkeys and the State of Passwordless.pptx
 
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...Hyatt driving innovation and exceptional customer experiences with FIDO passw...
Hyatt driving innovation and exceptional customer experiences with FIDO passw...
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB Proposition
 
Security architecture proposal template
Security architecture proposal templateSecurity architecture proposal template
Security architecture proposal template
 
Security Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - MobiloitteSecurity Challenges in Internet of Things - Mobiloitte
Security Challenges in Internet of Things - Mobiloitte
 
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...VMworld 2013: Android in the enterprise: Understand the challenges and how to...
VMworld 2013: Android in the enterprise: Understand the challenges and how to...
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
 
The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.The 5 most trusted cyber security companies to watch.
The 5 most trusted cyber security companies to watch.
 
FIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for AllFIDO Authentication: Unphishable MFA for All
FIDO Authentication: Unphishable MFA for All
 
Csa summit seguridad en el sddc
Csa summit   seguridad en el sddcCsa summit   seguridad en el sddc
Csa summit seguridad en el sddc
 
Yubikey solution-brief-fips-r4-1
Yubikey solution-brief-fips-r4-1Yubikey solution-brief-fips-r4-1
Yubikey solution-brief-fips-r4-1
 
The State of Strong Authentication
The State of Strong AuthenticationThe State of Strong Authentication
The State of Strong Authentication
 
Authenticate 2021: Welcome Address
Authenticate 2021: Welcome AddressAuthenticate 2021: Welcome Address
Authenticate 2021: Welcome Address
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
 

Recently uploaded

"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
ScyllaDB
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
BibashShahi
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
Javier Junquera
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Pitangent Analytics & Technology Solutions Pvt. Ltd
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
c5vrf27qcz
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
Miro Wengner
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid ResearchHarnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Neo4j
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
Edge AI and Vision Alliance
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
operationspcvita
 

Recently uploaded (20)

"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyFreshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Principle of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptxPrinciple of conventional tomography-Bibash Shahi ppt..pptx
Principle of conventional tomography-Bibash Shahi ppt..pptx
 
Artificial Intelligence and Electronic Warfare
Artificial Intelligence and Electronic WarfareArtificial Intelligence and Electronic Warfare
Artificial Intelligence and Electronic Warfare
 
GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)GNSS spoofing via SDR (Criptored Talks 2024)
GNSS spoofing via SDR (Criptored Talks 2024)
 
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
Crafting Excellence: A Comprehensive Guide to iOS Mobile App Development Serv...
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
 
Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
JavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green MasterplanJavaLand 2024: Application Development Green Masterplan
JavaLand 2024: Application Development Green Masterplan
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid ResearchHarnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
“Temporal Event Neural Networks: A More Efficient Alternative to the Transfor...
 
The Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptxThe Microsoft 365 Migration Tutorial For Beginner.pptx
The Microsoft 365 Migration Tutorial For Beginner.pptx
 

The Best practices to secure smbs using yubico

  • 1. © 2022 Yubico © 2022 Yubico Best practices to secure SMBs in an evolving cyber threat landscape January 28, 2022
  • 2. What we’ll cover: Evolving cyber threat and regulatory landscape; Cybersecurity risks facing SMBs; Critical need for phishing-resistant MFA; How to get started
  • 3. Abdulghani, IT Cloud Engineer, Clouds Zone
  • 4. Evolving cyber threat and regulatory landscape
  • 5. We’re now squarely in the “new normal”. Secure hybrid work is here to stay… Source: PEW Research Center, Dec 2020
  • 6. Hackers thrive in crisis. FBI urges vigilance... 54% Source: FBI, 2021. Increase in cyber crimes since COVID-19 started... 300%
  • 7. Remote and hybrid work risks: Heightened threat vectors (Places, Technology, People). Remote workers are a high risk user category. Home networks are generally less secure; lower confidence in remote endpoints. Home networks not as secure as corporate. Risk engine not adapting quickly enough to changes. Accidental download of malware by family members. Falling prey to phishing attacks tied to the pandemic.
  • 8. Clear need to move beyond passwords
  • 9. 80% of hacking-related breaches use stolen credentials. Source: Verizon Data Breach Investigation Report
  • 11. SMBs are prime targets for cyberattacks. Why?… 54% Your data is very lucrative. Entry point for a larger attack. Limited resources or dedicated IT support. Inadequate cybersecurity training. Easy profit from ready access to data.
  • 12. Yet…SMBs grossly underestimate their risks. “Why would anyone target us?...” 54% Breaches involved small to mid-sized businesses 1 in 3. Source: Verizon’s 2020 Data Breach Investigations Report (DBIR)
  • 13. SMBs leaving themselves exposed. Writing passwords down on paper…spreadsheets, documents 54% Using insecure methods to store passwords 1 in 5. Source: Devolutions State of Cybersecurity in SMBs 2021 - 2022
  • 14. A cybersecurity breach: Fatal for SMBs... 54% Close down within 6 months of a breach 60%. Source: US National Cyber Security Alliance
  • 15. SMBs need to secure digital transformation ● Secure the ways you fuel your business models ○ Ensure secure usage of social networks, and other communications channels, to generate demand, and stay connected with your customers. ● Ensure uninterrupted collaboration with your suppliers, partners and customers using software ○ Secure sharing of inventory information that enables flexibility and just in time shipping / delivery of supplies ● Secure usage of cloud-based applications ○ e.g. Using Salesforce.com to manage customer information ○ e.g. Workday for payroll and timesheets
  • 16. Secure key SMB business scenarios: Remote and hybrid workers; Mobile restricted; Privileged users; Office workers; Shared workstations; Supply Chain
  • 17. But there can be security challenges… ● Sifting through the options feels complicated ● Not sure of the right approach that will keep the business protected ● Limited IT support to get up and running ● Needs to be intuitive to drive up user adoption. You need an easy way to gain strong security, while making it a fast and easy process to enable user adoption
  • 18. Critical need for strong authentication and phishing-resistant MFA that’s fast and easy
  • 19. What you know; What you have; Who you are
  • 20. What you know: Password, PIN. What you have: SMS OTP, Smart card, Security key. Who you are: Fingerprint, Face, Voice, Iris
  • 21. Not all authentication is created equal. Username and password: ● Deployed everywhere ● Known usability gaps ● Costly and hard to sustain ● Common target for credential phishing (80% attack penetration rate). Basic 2FA (SMS, email, mobile): ● Not purpose-built for security ● Uses existing technology stacks that are vulnerable to network and software attacks ● Common target for credential phishing (10%-50% attack penetration rate). Strong authentication: ● Purpose-built for security ● No network connection, stored data, or client software required ● Highly phishing resistant (0% attack penetration rate)
  • 22. Some MFA is better than no MFA ...but not all MFA is phishing-resistant. [Chart: axes Ease of use and Security; regions Phishable and Non-phishable]
  • 23. Not all MFA is phishing resistant
  • 29. Hardware FIDO security keys …proven to stop account takeovers in their tracks. [Chart labels: Security key (YubiKey), On device prompt (OTP push app), Secondary email, SMS code, Phone number; values as extracted: 10%, 21%, 24%, 50%, 0%]
  • 30. Security: ● Dedicated, security-focused chip ● Protect against phishing and MitM. Privacy: ● No privacy risk being a personal device ● Can be anonymous, if desired. Portability: ● Portable root of trust across all devices ● Mobile restricted areas, shared workstations. Reliability: ● No battery or signal dependency ● Crush and water resistant. Affordability: ● Easier recovery and multiple backups reduce support costs. TPM Mobile apps/built-in authenticators have limitations
  • 31. Twitter breach and recommendation... “MFA is critical, but not all MFA methods are created equal. The most secure form of MFA is a physical security key, or hardware MFA, involving a USB key that is plugged into a computer to authenticate users. This type of hardware MFA would have stopped the Hackers, and Twitter is now implementing it in place of application-based MFA.”
  • 33. Rami Kayyali, CTO – The Kernel
  • 34. YubiKey: Hardware security right-sized for SMBs. No power, cellular connection, or client software required. Authenticate across desktop and mobile with a simple tap or touch. Natively supported by all major OSes and web browsers. Multi-protocol support for your systems as you grow. Subscription and delivery services that keep costs predictable and affordable. Transparent and secure supply chain. Lower TCO — costs less than a password reset!