• For regulatory compliance

    Drive regulatory compliance with government and industry-approved strong two factor, multi-factor, and passwordless authentication

    Home » Solutions » For compliance

    Modern strong authentication
    for governments and highly security-conscious organizations

    The YubiKey 5 FIPS Series provides FIPS 140-2 validated strong phishing-resistant two-factor, multi-factor, and passwordless authentication at scale, helping government agencies and highly regulated enterprises drive compliance to global and local industry regulations.


    WATCH THE WEBINAR

    How to bolster your authentication strategy for PCI DSS 4.0

    Learn about what this new standard means for you and how not all forms of multi-factor authentication (MFA) are created equal in terms of compliance and mitigating cyber risk.


    Securing Your Critical Assets in an Ever-Changing Regulatory Environment

    Learn about Security, Compliance, and Modern Strong Authentication.

    ebook cover with lock

    Need to adopt a zero trust architecture and deploy MFA per the U. S. Executive Order on Improving the Nation’s Cybersecurity? Yubico can help with strong authentication that supports zero trust initiatives.

    yubikey on globe

    Strong two-factor, multi-factor and passwordless authentication

    YubiKeys offer phishing-resistant strong authentication, and are the only solution proven to stop account takeovers in independent research.

    YubiKeys for two-factor, multi-factor, and passwordless authentication are helping global organizations drive compliance to regulatory authentication requirements across a wide variety of industries.

    gov building at night

    Meets Federal Government compliance requirements

    Yubico solutions are fully vetted and approved for sale throughout the public sector, both domestically in the United States and abroad.

    YubiKey 5 FIPS Series are FIPS 140-2 validated (Overall Level 1 (Certificate #3907) and Level 2 (Certificate #3914), Physical Security Level 3), to NIST SP 800-63-3 Authenticator Assurance Level (AAL) 3 requirements. They are also Department of Defense Cybersecurity Maturity Model Certification (CMMC) Level III and FedRAMP compliant, and support DFARS/NIST SP 800-171.

    woman working at computer

    Drives compliance to global financial services regulations

    The financial industry has many compliance requirements to contend with. There have been a number of wide-sweeping changes to financial benchmarks (LIBOR), new state and Global privacy laws (GDPR), executive orders, and also indications of revisions to PCI DSS.

    The YubiKey helps financial organizations satisfy strong authentication requirements related to PII and payment information, for PCI DSS, GLBA, FFIEC, PSD2, eIDAS, SOX, SOC2, GDPR, DORA, as well as state and local laws such as CCPA and 23 NYCRR 500.

    healthcare worker using yubikey

    Satisfies strong authentication requirements for global healthcare regulations

    Despite regulatory pressures across the healthcare industry to protect the privacy and security of PHI and IP, common obstacles to improving authentication exist, including hybrid infrastructure challenges.

    The YubiKey offers modern strong authentication at scale that healthcare organizations can leverage to satisfy authentication requirements for HIPAA, HITECH, 21 CFR Part 11, the Support Act/EPCS, ONC Cures Act Final Rule, GDPR, and CCPA. A single YubiKey supports multiple authentication protocols, making it an ideal solution for strong authentication across both legacy and modern infrastructures.

    man working with hardhat

    Meets regulations for energy and natural resources organizations

    The 2020 Colonial Pipeline hack drove White House Cybersecurity Executive Order #14028 mandating Zero Trust and impersonation-resistant MFA, and the TSA Security Directives 2021-01 and 2021-02 for Pipeline owners and operators, to implement special mitigation measures to protect against ransomware and other cyber threats.

    The FIPS 140-2 validated YubiKey meets NIST SP 800-63B Authenticator Assurance Level (AAL) 3 requirements, enabling energy, utilities, and oil and gas entities to comply with EO #14028, the TSA Security Directives, and other government regulations like Sarbanes-Oxley (SOX), the Federal Energy Regulation Commission (FERC), and North American Electric Reliability Commission (NERC) Critical Infrastructure Protection Standards.


    Risk reduction, business growth, and efficiency enabled by YubiKeys

    A recent Forrester Consulting Total Economic Impact™ (TEI) study commissioned by Yubico found that a composite organization representative of interviewed customers who use YubiKeys reduced risk of successful phishing and credential theft attacks by 99.9%, saw a drop in password-related helpdesk tickets by 75%, and experienced a 203% 3-year ROI with YubiKeys.

    BUT…. all organizations are different. Enter your own company data to create a custom Dynamic TEI study and instantly see how Yubico’s solutions can help your organization!

    TEI Forrester report

    YubiKey as a Service: peace of mind and flexibility for less than a cup of coffee per user/month

    Simplify purchase and support while also providing financial benefits. Estimate your potential savings with a subscription as compared to a one-time purchasing model.


    Learn more about the YubiKey for Regulatory Compliance

    compliance federal gov white paper cover with gov building
    How the YubiKey meets U.S. Federal Government regulations
    financial white paper cover with laptop
    How the YubiKey meets global financial services regulations
    healthcare white paper with workers
    How the YubiKey helps global healthcare organizations meet regulatory requirements
    array of logos

    Get Started

    YubiKey 5 series

    Find the right YubiKey

    Contact our sales team for a personalized assessment of your company’s needs.

    YubiKey in an ice cream cone
    Get protected today

    Browse our online store today and buy the right YubiKey for you.