FIDO2 is a modern authentication standard that enables secure login without passwords. It leverages technologies such as passkeys, biometric identifiers, and security keys to effectively protect users from phishing and credential misuse. CSIT Finland utilizes FIDO2 technology in Imprivata and Pointsharp solutions, which provide organizations with secure, user-friendly authentication supporting Zero Trust principles for workstations, applications, and cloud services.
FIDO2 – Benefits:
- Passwordless and user-friendly login
- Phishing-resistant authentication
- Enhanced security without additional user burden
- Faster access to workstations and applications
- Fewer password resets and IT support requests
- Supports Zero Trust architecture
- Suitable for both shared and personal workstations
- Easy to integrate with modern identity and access management solutions
What is FIDO2?
FIDO2 (Fast Identity Online) is an open authentication standard designed to replace passwords with stronger, more secure, and user-friendly authentication. Users authenticate using, for example:
- biometric identification (fingerprint or facial recognition)
- PIN code
- FIDO2 security key (e.g., YubiKey)
- passkey
FIDO2 is based on public key cryptography, meaning the password is never sent to the service and does not need to be remembered.
Why FIDO2?
Traditional passwords remain one of the most common causes of data breaches. FIDO2 solves several of their problems.
Key Benefits
- Protects against phishing (phishing-resistant)
- No passwords to remember or change
- No reused passwords
- Faster login
- Fewer password recovery requests
- Better user experience
- Supports Zero Trust architecture
- Meets the objectives of modern security requirements (e.g., NIS2) regarding strong authentication.
Imprivata and FIDO2
Imprivata leverages FIDO2 particularly for fast, secure, and passwordless authentication in healthcare and other organizations that extensively use shared workstations.
Imprivata Enterprise Access Management supports, among others:
- FIDO2 Security Keys
- passkey authentication
- biometric identifiers
- NFC cards
- PIN code
These can be used individually or combined for multi-factor authentication according to the organization’s security requirements.
Imprivata’s Particular Strength
Imprivata’s solution does not focus solely on web services, but on the entire work environment:
- workstation login
- shared workstations
- clinical workstations
- roaming sessions
- single sign-on (Enterprise SSO)
- mobile devices
In its latest Enterprise Access Management solution, Imprivata combines FIDO2 passkeys, biometric authentication, adaptive risk-based authentication, and identity analytics into a single passwordless user environment.
Pointsharp and FIDO2
Pointsharp leverages FIDO2 particularly in implementing centralized access management and the Zero Trust model for organizations.
Pointsharp Access Management provides built-in support for:
- FIDO2
- passkeys
- YubiKeys
- other modern passwordless solutions
The solution aims to provide phishing-resistant authentication without VPN dependency and to centrally manage access to both cloud and on-premises systems.
Pointsharp’s Strengths
Pointsharp particularly emphasizes:
- centralized management
- easy user onboarding
- credential lifecycle management
- legacy system compatibility
- gradual transition toward a passwordless environment.
The company also highlights that FIDO2 reduces IT support workload, as password resets and recoveries decrease significantly.
Imprivata + Pointsharp Together
For CSIT Finland’s customers, the solutions complement each other well:
Imprivata:
Fast login to devices and applications
Shared workstations
Enterprise SSO
Healthcare workflows
Biometrics, FIDO2, NFC cards
Pointsharp
Centralized access management
Passkey and FIDO2 management
Zero Trust access management
Organization-wide authentication
FIDO2, passkeys, YubiKeys
Follow us
Would you like to know more about our identity management and access control solutions?
Leave us a message and we will contact you as soon as possible.
