Pointsharp PKI Management — YubiKey edition

Lifecycle management of YubiKeys at enterprise scale.

Implement YubiKeys at scale

The YubiKey, which delivers modern phishing-resistant MFA and a fast and easy experience, protects organizations and their users from the evolving security landscape. Deploying YubiKeys at scale for hundreds or thousands of users in a larger organization creates additional requirements for YubiKey lifecycle management.

Pointsharp PKI management—YubiKey edition offers a centralized lifecycle management solution that provides all the needed tools and an overview of users, their certificates, and their YubiKeys in one single place, regardless of the organization's size.

This, combined with smart self-service tools, empowers the end users while reducing the workload of IT support and administration.

Quick deployment

Get up and running within a few days’ time for quick security.

Centralized management

Everything needed in one single interface for easy management.

Enterprise scale

Mass enrollment, decentralized administration, and complete audit trails.

Made for you

We know that every organization is unique, and our specialized YubiKey solution is just one way we provide flexible and adaptable solutions that suit your needs. If you have other certificate-based authentication requirements, please consider our full PKI Management solution.

Centralized management of keys and certificates

Centralize management on a per-user basis in a single interface. Issue, renew, or revoke specific certificates connected to the user and register and block that user’s different YubiKeys.

Quick deployment

Pointsharp PKI management — YubiKey edition is designed to be quick and easy to set up within the organization’s infrastructure. A typical deployment can be set up within a few days to quickly secure an entire organization and its users.

Advanced logging and audit trails

Every action performed in the management portal is logged and cannot be deleted, not even by an administrator with full privileges. For critical actions, it is also possible to demand certificate-based signing to ensure there are always full audit trails with non-repudiation.

Flexible administration and self-service

Pointsharp PKI management — YubiKey edition features advanced segregation of rights. This enables an organization to decentralize the management workload, free up time, and streamline itself. An example of this is segmenting administrative rights into three levels.

Users can be given a level of self-service, enabling them to register their own YubiKeys and renew certificates.

Local admins can issue, block, and renew keys and certificates or reset returned YubiKeys.

Administrators can then manage and configure the solution, template, policies, and administrator groups.

This frees up time and makes the organization run more efficiently.

A user can:

Enroll their own YubiKeys and issue certificates.
Change PIN codes for their YubiKeys.
Unlock locked PIN codes for their YubiKeys.

A local administrator can:

Issue, block, and renew all types of certificates.
Administrate and overview using logging functions and reports.
Remote unlock a user’s YubiKey through control-response.
Reset a returned YubiKey and re-use it.

An administrator can:

Configure the Pointsharp PKI management – YubiKey edition.
Handle certificate templates.
Manage security code (PIN) policy.
Manage administrator groups.
Consult and use an interface for audit logs and reports concerning, for example, -YubiKey users and administrators, as well as issued and blocked certificates.
Control and delimit authorizations for administrators with great flexibility.
Delegate temporary eligibility for a temporary administrator according to schedule.