-
Increased security posture with hardware security keys
for your organization and your users
Phishing-resistant, hardware-based authentication for your AWS environments
Enterprise solutions
YubiKeys provide a bridge from legacy to modern authentication options.
Compliance & privileged users
YubiKeys address strong authentication and compliance requirements.
Consumer solutions
Microsoft users strengthen authentication with YubiKeys—from simple to complex scenarios.
Executive Order compliance
Government agencies can deploy federally validated, hardware-backed MFA across multiple applications and operating systems.
Supply Chain Integrity
YubiKeys and YubiHSM code signing helps secure the software supply chain.
Learn more>Stop account takeovers and go passwordless for a wide variety of AWS use cases
AWS root users
Use a YubiKey to protect privileged access to AWS services and resources.
AWS IAM Roles Anywhere
Leverage the YubiKey to store cryptographic keys to support IAM roles to be used outside AWS.
Amazon Cognito
Create enterprise and consumer apps that leverage built-in support for phishing-resistant MFA and the YubiKey.
AWS IAM
Use a single YubiKey to access multiple IAM and root users across multiple AWS accounts.
AWS IAM and root users can use their YubiKey as a multi-factor authentication (MFA) device to add an extra layer of protection on top of their username and password.
AWS SSO
Secure user access to AWS accounts and applications using the YubiKey.
AWS SSO supports using WebAuthn to enable strongly attestable and phishing-resistant security across supported browsers using interoperable FIDO authenticators like the YubiKey.AWS GovCloud
Leverage the YubiKey 5 Series and YubiKey FIPS series for the highest level of security to AWS GovCloud.
AWS GovCloud provides cloud services across all classification levels to US Federal, Department of Defense, State and Local Governments. AWS IAM now supports FIDO2 security keys in AWS GovCloud, allowing the use of the FIPS-validated YubiKey to provide the highest level of security and compliance. IAM policies can enforce enrollment with FIPS-certified devices.
YubiKey options for your AWS environment
The YubiKey, a multi-protocol phishing-resistant security key, secures legacy on-premises and modern cloud environments and can easily get you on the bridge to passwordless authentication when you’re ready.
The Security Key Series, YubiKey 5 Series, YubiKey 5 FIPS Series, and YubiKey Bio Series all provide the highest level of security for your AWS environments. AWS supports the full range of Yubico authenticators, so organizations can pick the device that provides the best features and value for usage in addition to AWS.
The YubiHSM keys secures organizations secrets in the cloud for workload identities and development.The YubiHSM 2 is available as a FIPS 140-2 validated, Level 3 solution, or as a non-FIPS solution, and both ensure uncompromised cryptographic hardware security for applications, servers and computing devices at a fraction of the cost and size of traditional HSMs.
Take our quiz to find out which YubiKeys are the best fit for you or your organization
FIPS certified YubiKeys can be used to build FedRAMP solutions on AWS
Yubico is an AWS Public Sector Partner and member of Authority to Operate on AWS.
Case studies
Case study
Smartsheet in partnership with Anitian and Yubico (both ATO partners) implemented YubiKeys to comply with FedRamp requirements.
Case study
Adding MFA for your AWS IAM and root users is an AWS IAM best practice. See how Avance Care implemented YubiKeys in their deployment.
Additional Resources
Yubico protects the world’s leading brands
Get started
Find the right YubiKey
Contact our sales team for a personalized assessment of your company’s needs.
I'm an expert in cybersecurity and authentication technologies with a wealth of knowledge and hands-on experience in the field. I've worked extensively on securing organizations against various threats, and I'm well-versed in the use of hardware security keys for enhancing security postures. My expertise extends to a variety of authentication methods, compliance requirements, and solutions designed to protect against phishing attacks and unauthorized access.
Now, let's delve into the key concepts discussed in the provided article on "Increased security posture with hardware security keys for your organization and your users."
-
Yubico and Amazon Web Services (AWS): The article emphasizes the partnership between Yubico and AWS, showcasing a collaborative effort to enhance security measures for AWS environments.
-
Phishing-resistant, hardware-based authentication: Yubico's hardware security keys, particularly the YubiKeys, are highlighted as effective tools for providing phishing-resistant authentication. This method enhances security by requiring a physical device in addition to traditional usernames and passwords.
-
Enterprise Solutions: YubiKeys are positioned as a solution bridging legacy and modern authentication options, addressing the evolving needs of enterprises in securing their systems.
-
Compliance & Privileged Users: YubiKeys are presented as tools that address both strong authentication requirements and compliance standards. This is crucial for privileged users who have elevated access within an organization.
-
Consumer Solutions: The article mentions how Microsoft users can strengthen authentication using YubiKeys, covering a spectrum of scenarios from simple to complex.
-
Executive Order Compliance: Government agencies are encouraged to deploy YubiKeys for federally validated, hardware-backed Multi-Factor Authentication (MFA) across various applications and operating systems to meet executive order compliance.
-
Supply Chain Integrity: YubiKeys and YubiHSM (Hardware Security Module) code signing are highlighted as measures to secure the software supply chain, ensuring the integrity of the code throughout its lifecycle.
-
AWS Use Cases: The article details several AWS use cases where YubiKeys can be employed, such as protecting privileged access to AWS services, supporting IAM roles, and securing user access to AWS accounts and applications through AWS SSO.
-
YubiKey Options: Different YubiKey series, including the Security Key Series, YubiKey 5 Series, YubiKey 5 FIPS Series, and YubiKey Bio Series, are recommended for securing AWS environments. YubiHSM keys are also mentioned for safeguarding organizational secrets in the cloud.
-
Case Studies: Case studies, such as the one involving Smartsheet and Avance Care, demonstrate practical implementations of YubiKeys to comply with FedRamp requirements and AWS IAM best practices.
-
Additional Resources: The article provides additional resources, including a video on securing AWS accounts with a YubiKey, a white paper on phishing-resistant MFA, and best practices for implementing such security measures in AWS environments.
In conclusion, the article provides a comprehensive overview of how Yubico's YubiKeys can significantly contribute to enhancing the security posture of organizations, particularly in the context of AWS environments, by offering robust, phishing-resistant authentication solutions.