SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Microsoft's Surface Pro 10 promotes passwordless future with YubiKey
Mon, 25th Mar 2024

Yubico, the manufacturer of the phishing-resistant hardware authentication device, YubiKey, has highlighted how Microsoft's Surface Pro 10 for Business has enabled NFC-based passwordless authentication with their device. This development showcases Microsoft's consistent emphasis on the advancement of digital innovations, particularly within the cybersecurity sector.

The Microsoft Surface Pro 10 for Business is the first product in the Surface Pro line to possess a built-in NFC reader, which is positioned on the top left corner of the screen. This inclusion facilitates a streamlined, secure, passwordless login for users into their device and related cloud services such as Windows 365 or Imprivata—all achieved with a simple tap of the YubiKey on the device.

Implementing NFC capabilities into the Surface Pro 10 paves the way for creating phishing-resistant users within the enterprise sector through the ease of utilisation of the YubiKey. Users can log into Windows and authenticate themselves into their cloud-based Microsoft accounts, thus marking a substantial step towards advancing into a passwordless future.

Stored securely on the YubiKey are device-bound passkeys, giving users the ability to access their cloud-based profiles and data from any Surface Pro 10. Such a feature offers significant security benefits for all industries and is particularly useful for industries such as hospitality, retail and healthcare, where shared workstation environments are prevalent.

Nancie Gaskill, Microsoft's General Manager, noted the benefits of this development: "Our enterprise customers rely on Surface for industry-leading security and seamless user experiences. By adding YubiKeys to the Surface Pro 10, the integrated NFC reader provides users with secure and innovative authentication options, delivering a huge win on both fronts, protecting against the increasing threat and volume of identity-based cyber attacks."

Yubico has worked closely with Microsoft to lay the foundations for a passwordless, phishing-resistant future for organisations of varying sizes and industries. Collaborations with Microsoft, including through their mutual membership in the FIDO Alliance, mean that organisations benefit from hardware-based passkey authentication in YubiKeys, strengthening security while offering a more user-friendly experience.

YubiKeys, which natively works with Windows 11, Entra ID, Active Directory Certificate Services (ADCS), and numerous enterprise applications and services, actively prevents account takeovers. YubiKeys offer a solution that hastens the development towards passwordless authentication, whether the organisation's environment is based in the cloud or on premise with Microsoft Entra ID. Moreover, the YubiKey is designed to concurrently support the widest variety of authentication protocols and open standards, simultaneously improving authentication while reducing both complexity and total cost of ownership.

In the era of increasing cyber threats, the collaboration between Microsoft and Yubico in embedding NFC capabilities into the Surface Pro 10 and providing seamless integration with YubiKeys provides companies with phishing-resistant security measures and pushes us closer towards a passwordless future.