Recently, Microsoft announced the integration of FIDO2-based YubiKeys and Azure Active Directory (Azure AD). For cloud computing and security, this is a game changer. In addition, the YubiKey passwordless hardware integrates in real time with identity and access management (IAM) solutions such as RSA SecurID to cover IAM for end-user applications such as O365.
Think about this from the perspective of the end-users (i.e. staff) in your organisation. No more passwords, no more spreadsheets or keychain managers. No phone calls or emails to your support team with “forgot password” or “password lockout” issues. Even better, no more phishing, vishing or end-user-based threats that originate from archaic password technology, with simple integration into your already existing identity and access management platforms.
So, what is the quickest and most efficient way to go passwordless in your Microsoft stack?
As a first step towards passwordless, no matter your environment, start by implementing multi-factor authentication (MFA) everywhere, with RSA SecurID using the YubiKey as a hardware-based backup to a username and password.
Then start to work towards a transition practice incorporating these points:
User experience FIRST
Why have attackers been so successful in password-based attacks? Because they know, and we know, that passwords are arduous, hard and notoriously difficult to remember. So, end-users duplicate them, reuse them and share them. Many users don’t even realize they’ve given up their password. Bad actors can focus on usability and they don’t have to be present to interrupt a sign-in - they only need one password to gain access and move laterally to increase privileges.
Keep it as simple as possible
Users don’t need to find a code on a separate device or remember complicated passwords or a PIN. The same key can be used across all their devices and accounts and integrated with an existing IAM solution, such as the YubiKey for RSA SecurID, which provides a superior FIDO solution against phishing and account takeovers and ultimately reduces IT cost. These types of solutions also combine best-in-class credential management and enterprise security for a seamless passwordless future.
Transition your Microsoft environment to go passwordless
The RSA SecurID and YubiKey solution is a good fit for companies that are invested in Microsoft technology because the device includes several versions of solutions and can cover a variety of security concerns, from phishing and vishing to identity and access management and enterprise-sized security solutions. It works with legacy applications (and cloud solutions like Azure and Office 365) and with frontline worker applications that are part of the MO365 stack, such as Microsoft Teams, Outlook or OneDrive, that can all be authenticated without a network connection, or security data stored within the datacentre.