Strong authentication solution for leading U.S healthcare provider

A leading US-based information and technology-enabled health services provider, serving 127 million people across 50 states required a manageable strong authentication solution for its 160,000 employees to securely authenticate. The health services provider, found in 4 out of 5 U.S. hospitals, serves multiple federal agencies, state Medicaid, Health and Human Services agencies, as well as employers and life science organisations.


The YubiKey, a hardware security key by Yubico that enables strong two-factor authentication (2FA)  as part of a PKI solution, stood out as the best technology. YubiKeys support multiple authentication protocols, including Personal Identity Verification (PIV), to address the US Government’s  regulations for digital identity for Federal employees and Contractors.

YubiKeys delivered ease of use and reliable hardware-backed security to the healthcare provider’s employees, enabling them to securely log in to their desktops and laptops by inserting their YubiKey into a USB-A or USB-C port and entering a PIN to authenticate. This secure means of authentication enabled employees to access all of the systems necessary as part of their role.

With a significant share of employees operating Macbooks, the ability to use YubiKey 5 Series keys across both Macs and PCs for 2FA was a significant benefit, particularly as end-point protection options for Mac devices are limited.

With plans to issue 7,000 YubiKeys across its employees, the next challenge for the healthcare provider was to identify a way to issue secure credentials to each employee’s YubiKey. In addition, managing the lifecycle of such a volume of devices posed a further challenge.

MyID credential management software was already used by the organization for issuing and managing credentials to employee smart cards. Sitting at the heart of the healthcare provider’s PKI ecosystem, MyID provided the connectors necessary to link between Certificate Authority (CA), Hardware Security Module (HSM) and smart cards. In addition, MyID already supported the YubiKey and so enabled integration of the devices into the existing IT infrastructure.

MyID provided all of the request, issuance, update, and unlock features required to deploy certificates to YubiKeys and manage their lifecycle. Intercede’s Professional Services team made integrating MyID into the existing identity ecosystem simple, saving time and money.

The self-service element of MyID also meant that the healthcare provider was able to make lifecycle credential management simple and easy for their employees, enabling them to self-serve. Resulting in another time and cost efficiency for the organisation.



With the easy-to-use, fast, and reliable hardware-backed technology, employees can authenticate their digital ID using YubiKey, making help desk calls for forgotten passwords and logins obsolete as MyID enables end users to manage and update their own YubiKey through self-service.


Simple integration for the IT team meant strong authentication could get up and running smoothly and to agreed timescales.


Together MyID and YubiKey meet the diverse needs of the healthcare provider's end users, enabling policy control across user groups and authentication across smart cards, YubiKeys and mobile devices.

Download the case study

Discover why a leading US-based health services provider evolved their workforce digital identity solution with MyID and YubiKeys to provide strong two-factor authentication that would minimize the threat of data breach and provide a user-friendly solution for their employees to access sensitive information in both clinical and remote-based environments.


Trusted by Governments and Enterprises Worldwide

Where protecting systems and information really matters, you will find Intercede.  Whether its citizen data, aerospace and defense systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organizations around the world choose Intercede solutions to protect themselves against data breach, comply with regulations and ensure business continuity.