A leading US-based information and technology-enabled health services provider, serving 127 million people across 50 states required a manageable strong authentication solution for its 160,000 employees to securely authenticate.
The health services provider, found in 4 out of 5 U.S. hospitals, serves multiple federal agencies, state Medicaid, Health and Human Services agencies, as well as employers and life science organisations.
Securing access to systems and data
THE CHALLENGE
The healthcare provider’s IT Security team was looking to evolve their digital identity solution to a strong two-factor authentication (2FA) system that would minimise the risk of data breach. Safeguarding patients and ensuring a seamless, secure user experience for their workforce was paramount.
Already utilising public key infrastructure (PKI) for smart cards, the IT team identified an opportunity to extend the use of public key cryptography for employees to securely log in to their laptop devices.
Secure, seamless authentication from an end user perspective was essential as users, including practitioners on home visits, would need a quick and simple way of accessing sensitive information.
In addition, the organisation needed a solution that would work within their existing environment, enabling credentials to be issued and managed to smart cards and other devices from one central credential management system.
PKI would enable the healthcare provider to issue encrypted credentials to smart cards, keys and mobile devices, offering a truly passwordless means of authenticating to secure networks for everyone.
THE SOLUTION
YubiKey
The YubiKey, a hardware security key by Yubico that enables strong two-factor authentication (2FA) as part of a PKI solution, stood out as the best technology. YubiKeys support multiple authentication protocols, including Personal Identity Verification (PIV), to address the US Government’s regulations for digital identity for Federal employees and Contractors.
YubiKeys delivered ease of use and reliable hardware-backed security to the healthcare provider’s employees, enabling them to securely log in to their desktops and laptops by inserting their YubiKey into a USB-A or USB-C port and entering a PIN to authenticate. This secure means of authentication enabled employees to access all of the systems necessary as part of their role.
With a significant share of employees operating Macbooks, the ability to use YubiKey 5 Series keys across both Macs and PCs for 2FA was a significant benefit, particularly as end-point protection options for Mac devices are limited.
MyID
With plans to issue 7,000 YubiKeys across its employees, the next challenge for the healthcare provider was to identify a way to issue secure credentials to each employee’s YubiKey. In addition, managing the lifecycle of such a volume of devices posed a further challenge.
MyID credential management software was already used by the organisation for issuing and managing credentials to employee smart cards. Sitting at the heart of the healthcare provider’s PKI ecosystem, MyID provided the connectors necessary to link between Certificate Authority (CA), Hardware Security Module (HSM) and smart cards. In addition, MyID already supported the YubiKey and so enabled integration of the devices into the existing IT infrastructure.
MyID provided all of the request, issuance, update, and unlock features required to deploy certificates to YubiKeys and manage their lifecycle.
Intercede’s Professional Services team made integrating MyID into the existing identity ecosystem simple, saving time and money.
The self-service element of MyID also meant that the healthcare provider was able to make lifecycle credential management simple and easy for their employees, enabling them to self-serve. Resulting in another time and cost efficiency for the organisation.
THE BENEFITS
OPTIMUM PASSWORDLESS SECURITY
Strongest form of 2FA integrated across 7,000 YubiKey users and optimum authentication safety assured for the healthcare provider's 127 million customers' data
USER-FRIENDLY
Easy to use, fast, and reliable hardware-backed technology for employees to authenticate their digital ID using YubiKey
EASY TO DEPLOY
Simple integration for the IT team meant strong authentication could get up and running smoothly and to agreed timescales
PROVEN
Technologies that are widely adopted in healthcare and many other sectors for issuing and managing millions of certificates for trusted digital identities
MINIMUM ONGOING IT SUPPORT
Help desk calls for forgotten passwords and logins are a thing of the past as MyID enables end users to self-serve by managing and updating their own YubiKey
ADAPTABLE
Together MyID and YubiKey meet the diverse needs of the healthcare provider's end users, enabling policy control across user groups and authentication across smart cards, YubiKeys and mobile devices
To find out more about YubiKey: https://www.yubico.com
To find out more about MyID credential management software, contact us now using the form below.
Healthcare Use Case
Trusted by government and large enterprises, worldwide
Where data really matters, you will find MyID. The security, reliability and interoperability of MyID software sets it apart and is why we are proud to help many leading organisations around the world manage the secure digital identities they issue, whether that's governments managing citizen ID or enterprises managing employee, contractor and supplier IDs.