YubiKeys were a great leap forward in making two-factor authentication convenient. Convenient enough to be deployed internally in companies such as Google and Facebook where information security is obviously extremely important.
But are they convenient enough to become a truly ubiquitous standard embraced by businesses worldwide? I believe they can be.
For that to happen, YubiKeys need to become universal security keys that handle both physical and digital access—thus replacing all forms of smart cards and RFID tokens used for physical access control today. That would widen their appeal, spread their adoption, and make the entire web a safer place.
For small businesses, security used to be a luxury… then a necessary expense… but now it is becoming an investment
Information security used to be the concern of large enterprises and institutions. Big businesses had ID badges, guards, and metal detectors.
It was enough to have an inquiring receptionist.
Since those times, the security landscape has completely changed.
In 2017, according to a Ponemon Institute report, 61 percent of businesses experienced a cyber attack. What’s more, according to another report, from the National Cyber Security Alliance, six out of 10 small businesses hit by cyber attacks will go out of business within six months.
Legislative changes, such as EU’s upcoming General Data Protection Regulation (GDPR) — coming into effect in May 2018 — are also pressuring business owners to upgrade security standards. Companies that violate the new regulations are liable to pay fines of up to 4% of their total global revenue.
As the regulatory grip tightens, potential partners, clients or subcontractors will increasingly demand high-security standards from their associates. Sound security infrastructure will become a factor when choosing who to do business with.
In other words, security is an investment that pays off — not an expense that diverts resources from other profitable activities, like it used to be.
The two-factor revolution
The only problem is that up until recently, this was a sellers’ market. Security consultants charged high-premiums to implement solutions that weren’t tailored for small to medium businesses.
This is now changing. Yubico has made two-factor authentication a simple, effective and affordable solution for enhancing digital security.
But, as always, the human factor is the weakest link in the security chain. A quick-scan on Twitter reveals that people mishandle YubiKeys all the time.
Luckily, a solution is now in sight.
How a single sentence from Yubico’s COO helped launch a company
In 2015, our company developed a physical access control system that used YubiKeys to unlock doors. It was a fun side project for a small startup, but Yubico’s COO John Salter gave it credibility by mentioning it in an article published on Yubico’s website. He wrote:
“A few minutes later I swipe my NEO again to unlock the door to the Yubico Stockholm office.” And then he mentioned Keynto Lock, which is how Modis Lock was then called.
This was a turning point for our business.
After the article was published we were flooded with emails from would-be buyers. That made us dedicate two years to develop a market-ready product, today called Modis Lock.
Modis — Making sophisticated security solutions accessible to small to mid-size business owners
Modis Lock makes physical security into an extension of digital security.
Apart from U2F, Modis Lock is also compatible with OTP and TOTP, along with PIN-entry and RFID/NFC. This makes it possible to set up custom multi-factor authentication protocols for physical access.
To further simplify IT infrastructure management, we are providing the administration software together with the hardware. No monthly payments or per user licensing.
The point of Modis Lock is to make sophisticated security accessible to small business owners. We wanted that to be reflected in every aspect of the product.
To make sure that Modis Lock adapts to our customers’ existing IT infrastructure, instead of the other way around, the system is made to be compatible with standard electronic locks, and the administration software has APIs to allow integration it into existing business services, security applications or reporting systems.
To learn more about the system, make sure to visit our recently redesigned product page. You will now be able to schedule a live demo to learn more about the system.