HEALTHCARE PROVIDER

Strong authentication solution for leading U.S healthcare provider

A leading US-based information and technology-enabled health services provider, serving 127 million people across 50 states required a manageable strong authentication solution for its 160,000 employees to securely authenticate.

The health services provider, found in 4 out of 5 U.S. hospitals, serves multiple federal agencies, state Medicaid, Health and Human Services agencies, as well as employers and life science organisations.

SECURING ACCESS TO SYSTEMS AND DATA

>127m

patients served across 4/5 US hospitals and in the community

U.S. states covered by the healthcare provider

>160k

strong workforce providing exemplary care and support

THE CHALLENGE

The healthcare provider’s IT Security team was looking to evolve their digital identity solution to a strong two-factor authentication (2FA) system that would minimise the risk of data breach. Safeguarding patients and ensuring a seamless, secure user experience for their workforce was paramount.

Already utilising public key infrastructure (PKI) for smart cards, the IT team identified an opportunity to extend the use of public key cryptography for employees to securely log in to their laptop devices.

Secure, seamless authentication from an end user perspective was essential as users, including practitioners on home visits, would need a quick and simple way of accessing sensitive information.

In addition, the organisation needed a solution that would work within their existing environment, enabling credentials to be issued and managed to smart cards and other devices from one central credential management system.

PKI would enable the healthcare provider to issue encrypted credentials to smart cards, keys and mobile devices, offering a truly passwordless means of authenticating to secure networks for everyone.

THE SOLUTION

Yubikey

The YubiKey, a hardware security key by Yubico that enables strong two-factor authentication (2FA) as part of a PKI solution, stood out as the best technology. YubiKeys support multiple authentication protocols, including Personal Identity Verification (PIV), to address the US Government’s regulations for digital identity for Federal employees and Contractors.

YubiKeys delivered ease of use and reliable hardware-backed security to the healthcare provider’s employees, enabling them to securely log in to their desktops and laptops by inserting their YubiKey into a USB-A or USB-C port and entering a PIN to authenticate. This secure means of authentication enabled employees to access all of the systems necessary as part of their role.

With a significant share of employees operating Macbooks, the ability to use YubiKey 5 Series keys across both Macs and PCs for 2FA was a significant benefit, particularly as end-point protection options for Mac devices are limited.

MyID

With plans to issue 7,000 YubiKeys across its employees, the next challenge for the healthcare provider was to identify a way to issue secure credentials to each employee’s YubiKey. In addition, managing the lifecycle of such a volume of devices posed a further challenge.

MyID credential management software was already used by the organisation for issuing and managing credentials to employee smart cards. Sitting at the heart of the healthcare provider’s PKI ecosystem, MyID provided the connectors necessary to link between Certificate Authority (CA), Hardware Security Module (HSM) and smart cards. In addition, MyID already supported the YubiKey and so enabled integration of the devices into the existing IT infrastructure.

MyID provided all of the request, issuance, update, and unlock features required to deploy certificates to YubiKeys and manage their lifecycle.

Intercede’s Professional Services team made integrating MyID into the existing identity ecosystem simple, saving time and money.

The self-service element of MyID also meant that the healthcare provider was able to make lifecycle credential management simple and easy for their employees, enabling them to self-serve. Resulting in another time and cost efficiency for the organisation.

BENEFITS

Optimum passwordless security

Strongest form of 2FA integrated across 7,000 YubiKey users and optimum authentication safety assured for the healthcare provider's 127 million customers' data

User-friendly

Easy to use, fast, and reliable hardware-backed technology for employees to authenticate their digital ID using YubiKey

Easy to deploy

Simple integration for the IT team meant strong authentication could get up and running smoothly and to agreed timescales

Proven

Technologies that are widely adopted in healthcare and many other sectors for issuing and managing millions of certificates for trusted digital identities

Minimum ongoing IT support

Help desk calls for forgotten passwords and logins are a thing of the past as MyID enables end users to self-serve by managing and updating their own YubiKey

Adaptable

Together MyID and YubiKey meet the diverse needs of the healthcare provider's end users, enabling policy control across user groups and authentication across smart cards, YubiKeys and mobile devices

To find out more about YubiKey

Download the case study

Discover why a leading US-based health services provider evolved their workforce digital identity solution with MyID and YubiKeys to provide strong two-factor authentication that would minimize the threat of data breach and provide a user-friendly solution for their employees to access sensitive information in both clinical and remote-based environments.

DOWNLOAD

Want to know more?

If you are ready to book a demo, simply click the button below and we will arrange a demo of MyID®

demo request

Trusted by Governments and Large Enterprises Worldwide

Where protecting systems and information really matters, you will find MyID. Whether its citizen data, aerospace and defence systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organisations around the world choose MyID to protect themselves against data breach and ensure business continuity.