Centrify and Yubico bring Context-based Adaptive Authentication the Enterprise


Yubico and Centrify together provide context-based, adaptive authentication across enterprise users and resources. Whether it’s for PIV-based authentication, OATH One-time passwords, or as a physical NFC token for mobile devices — Centrify and Yubico provides IT the flexibility to enforce security without user frustration.

Centrify can leverage the YubiKey for use cases such as:

  • Smartcard AD-based log in to  Mac or Linux
  • Re-authentication for privilege escalation on Windows
  • Smartcard login to Centrify’s cloud service for SSO, Secure Remote access, or administration
  • YubiKey OATH OTP for as a second factor for secure SSO to individual cloud applications, or to a portal of cloud apps
  • YubiKey as OATH OTP for MFA to servers for privileged session control
  • YubiKey as physical NFC token for MFA to secure access to apps on mobile devices

The rise of cloud and mobile means that business employees are using more varied devices than ever, to access ever-growing number of cloud and on-premises apps — each with their own username and password. With so many credentials to remember, employees resort to re-using simple passwords across apps and devices.

Given the massive amount of credentials that have been compromised in the recent past, it’s safe to assume that every password has been stolen, and made available to attackers. Multi-factor authentication reduces the risk of compromised credentials, but is often too cumbersome for end users, or — in the case of smart cards – requires dedicated readers on all end-user devices.

Companies are looking to bolster security, and prevent attacks based on compromised credentials: but must balance the security of any solution with employee satisfaction.

Key Benefits

  • Simplify security:  One platform secures all your users, and one YubiKey enables MFA across devices, apps, and servers
  • Speed adoption: Users get secure access to the apps they need, from the devices they choose — without training or confusion
  • Save cost:  Eliminate helpdesk calls for password reset thanks to secure SSO across devices
  • Meet regulations:  Enable BYOD while still complying with NIST regulations requiring smartcard authentication