Microsoft and Yubico release 3 new Azure AD solutions to tackle enterprise phishing
Microsoft and Yubico have announced the release of three new sets of solutions to aid organizations in deploying Azure Active Directory (Azure AD) to fight phishing attacks across Azure, Office 365, and remote desktop environments.
The first of them is Certificate-based Authentication (CBA). While generally available for Azure AD, companies can now use the YubiKeys they already have as smart cards with Azure AD enabling them to move from on-premises authentication solutions toward cloud strategies.
The second set of features enables firms to tackle phishing attacks by implementing specific user authentication policies. Companies can now use YubiKeys for phishing-resistant multi-factor authentication (MFA) for FIDO-based passwordless (FIDO2/WebAuthn) or certificate-based authentication to make sure that YubiKeys are the only authentication solution allowed.
Thirdly, Azure Virtual Desktop (AVD) is now adding support for FIDO authenticators, enabling users to connect to a personal workstation in the cloud via a YubiKey and Azure AD passwordless credentials.
According to the companies, the solutions will play a fundamental role in supporting organizations looking to comply with the recent executive order from the White House, which set forth a series of security requirements for companies.
“Providing new identity solutions to protect our customers is paramount in the fight to stop phishing,” explains Sue Bohn, VP of product management for Microsoft’s identity and network access (IDNA) group.
“We’re excited to launch these new features that support key steps customers can take in their Zero Trust journey, and Yubico has been with us fighting against phishing attacks every step of the way.”
The two companies expanded an existing partnership last year.
Microsoft will discuss these solutions further in a webinar on November 3rd at 9 am PT. Registration is necessary to attend.
The new solutions come weeks after Yubico entered a new partnership with Cloudflare to integrate hardware keys with the content delivery network’s Zero Trust service.