SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Are your shared workstations secured against cyber attacks?
Mon, 31st Jul 2023

Commentary on behalf of Yubico highlights how shared workstation environments can pose a significant security threat to businesses if strong protection measures are not taken.

While there can be cost savings and increased productivity in shared workstation environments, frequent shift rotations, seasonal employees, and high staff turnover often lead to insecure shared workspace practices. These insecure practices include shared login credentials or visible sticky notes with passwords written on them.

According to Yubico, credentials remain a top target for cybercriminals, with 81% of data breaches caused by stolen or weak passwords, demonstrating that static credentials are not secure.

Yubico says multi-factor authentication (MFA) is an easy first line of defence against the risks posed by shared workspaces, but not all forms of MFA are created equal. 

Mobile-based legacy MFA tools, such as SMS, OTP codes, and push notifications, are highly susceptible to cyberattacks like phishing, brute force attacks, Man-in-The-Middle (MiTM) attacks, malware and SIM swapping. 

Yubico says mobile MFA also has several critical security vulnerabilities. There is no guarantee that a private key ends up on a secure element on the mobile device, an OTP code or private key could be intercepted somehow, and Yubico says it is impossible to ensure proof of possession. 

Beyond security, Yubico says mobile MFA brings further challenges: mobile devices may run out of battery, and their use may even be prohibited, especially in customer-facing roles or high-security areas. 

Yubico suggests replacing legacy MFA with the YubiKey, a cost-effective solution that offers increased protection from increasingly sophisticated attacks like phishing for shared workstation environments.

Furthermore, in assessing the best form of authentication for shared workspaces, Yubico says to remember to consider efficiency, reliability, cost and external variables that can negatively affect solution performance, such as mobile signal and battery life. 

Hyatt Hotels, a global hospitality brand with over 1,000 hotels worldwide, is securing front desk shared workstations with YubiKey to protect their customer data. 

YubiKeys protect access to sensitive customer data, with users required to touch their YubiKey and enter a pin to access their accounts. 

Designed to provide a seamless and secure experience, the YubiKey allows Hyatt Guest Services to perform guest-facing roles without using mobile devices, providing an even better customer experience. 

This streamlined process allows Hyatt employees to maintain direct and personal interaction, which aligns with Hyatt’s hospitality goals and reduces friction in the workplace by allowing employees to sign in quickly and access Hyatt workspaces across all Hyatt locations. 

The YubiKey offers multiple easy-to-use form factors, including USB-A, USB-C, Lightning and NFC contactless connections.

Because applications and services can vary by security offerings, the security keys offered by Yubi ensures flexibility for users by providing options for strong phishing-resistant two-factor, multi-factor and passwordless authentication.