Microsoft has partnered with Yubico to announce new security solutions to help organizations prevent phishing attacks against Azure, Office 365, and remote desktop environments. The new security tools are designed to make it harder for malicious actors to target privileged Azure customers.
YubiKey is a USB-like hardware authentication device that lets users secure access to computer systems, online services, and networks. It works with several consumer, developer, and enterprise applications that support authentication methods such as one-time passwords.
The Certificate-based Authentication (CBA) feature allows organizations with existing smart cards and public-key infrastructure to authenticate Azure AD even without using a federated server. It’s now possible to use the YubiKey for authentication, which makes it easier to ditch on-premises solutions such as Active Directory Federation Services.
Microsoft has released a new conditional access authentication strength feature that allows enterprises to configure their YuBiKeys for select user authentication policies. These include certificate-based authentication, FIDO-based passwordless support, and phishing-resistant Multi-Factor Authentication (MFA). The security feature helps to protect privileged Azure users from credential theft and phishing campaigns.
Microsoft Azure Virtual Desktop gets support for FIDO authenticators
Finally, Microsoft has introduced FIDO-based passwordless authentication for its Azure Virtual Desktops (AVD) service. This release enables employees to use YubiKeys and Azure AD passwordless credentials to connect to their cloud-based PCs.
“Providing new identity solutions to protect our customers is paramount in the fight to stop phishing,” explained Sue Bohn, VP of product management for Microsoft’s Identity and Network Access (IDNA) group. “We’re excited to launch these new features that support key steps customers can take in their Zero Trust journey, and Yubico has been with us fighting against these phishing attacks every step of the way.”
It is important to note that Yubico is holding a webinar titled “New tools to prevent phishing with Azure AD and YubiKeys” on November 3rd at 9 AM PT. The company plans to share additional information about the aforementioned solutions and discuss best security practices, and you can register on the dedicated website to attend it virtually.