Okta + Yubico: Because Every User Is a Potential Target

The most critical security threats facing enterprises today are attacks targeted at user credentials. The average number of credential theft incidents has tripled over the past two years, and today, 81% of all hacking-related breaches leverage either stolen and/or weak passwords. Using passwords alone as a means of defense for organizations simply isn’t working.

With the rise in sophistication of threats in today’s zero trust world, having a second factor is critical. Organizations are increasingly adopting stronger security measures, like Multi-Factor Authentication (MFA), to protect sensitive user data. Today, every user is a potential target, and high-value targets and key technical individuals such as IT administrators have access to some of the most sensitive information available. Organizations need ways to step up security and ensure only the right people have access to the right data, at the right time.

That’s why we’re teaming up with Yubico, offering a free YubiKey Starter Pack to every one of our existing and new customers using Okta MFA and Okta Adaptive MFA. The YubiKey is an all-in-one security key in the form of a physical token that protects access to user accounts as a factor option for organizations using Okta MFA. A number of organizations including Verifone, which helps transform everyday transactions into new and engaging opportunities for merchants and consumers at the last inch of payments and commerce, are already using Okta and Yubico as an additional layer of protection for their users and data.

“As the global leader in payment and commerce solutions, Verifone is responsible for making sure our customers succeed in every environment and condition without having to worry about security,” said David Belcher, Sr. Director of IT Enterprise Services, Verifone. “That’s precisely why we trust Okta as our provider of identity to securely manage access and help to minimize security risks. Layered with Yubico’s physical token solution, it provides us with maximum assurance and peace of mind in our security posture, especially when it comes to the most privileged users within our organization.”

Now, our partnership will give all of our customers broader options to step up security and immediate access to the power of Yubico’s strong cryptographic protection and seamless touch-to-sign functions with Okta’s MFA solutions. Universal second factor (U2F) based security tokens such as the the YubiKey provide the strongest level of defense against phishing and man-in-the-middle attacks, while also delivering a simple and seamless user experience — all with just the touch of the device. The Okta co-branded YubiKey Starter Pack includes two YubiKey security tokens, which can be used as the primary or back-up authentication method in conjunction with Okta Verify.

“Strong, phishing-resistant authentication is critical at all levels of an enterprise, but even more so for administrators with elevated access and capabilities,” said Stina Ehrensvard, CEO and Founder, Yubico. “By putting YubiKeys in the hands of these individuals, together with the power of Okta MFA, we have the opportunity to further improve the security posture for Okta customers worldwide.”

We’re committed to enabling organizations of all sizes to easily and securely take advantage of all kinds of technology. Regardless of how the landscape changes, we’re working closely with the leaders across our industry to provide strong, seamless solutions for our customers – all as a part of our work to leverage identity-driven security as the critical, most secure control point for organizations.

Okta YubiKey Admin Experience Packs are available to all new and existing Okta MFA and Adaptive MFA customers starting today. For more information, visit https://www.okta.com/partners/yubico, and all current interested Okta customers can reach out to their Okta rep for additional details and next steps.