Security hardware company Yubico has announced plans to tackle the logistics problem it says is slowing down security key adoption — the issue of getting the right device to the right employee without turning IT teams into shipping departments.
To do this, Yubico is adding self-service YubiKey ordering to its YubiKey-as-a-Service offering. The update allows employees to order their own security keys through a new Customer Portal after receiving an invitation from IT.
SEE ALSO: Finance teams know AI-powered fraud is growing, but many still fight it by hand
The idea is as simple as it sounds. Instead of IT collecting shipping addresses, choosing hardware models, and placing individual orders, administrators send email invites to users or groups.
Employees then select the YubiKey form factor that fits their devices and enter their own delivery details. Keys can be shipped to home or office addresses across the U.S., Canada, and Europe.
Hardware-backed authentication is widely considered resistant to phishing and credential theft, but deployment often becomes a bottleneck, especially for distributed workforces or companies onboarding large numbers of employees at once.
The self-service option is available only through YubiKey as a Service, which bundles hardware, delivery, and management into a subscription.
That model already supports shipments to a wide range of countries, although self-service ordering currently covers a smaller set of regions.
Yubico’s new Customer Portal
Alongside self-service ordering, Yubico is rolling out a redesigned Customer Portal that acts as a central dashboard for managing YubiKeys, replacing older, more fragmented management views.
From the admin side, the portal shows purchased licenses and physical keys, with a distinction between total inventory and what is ready to ship. This is meant to reduce confusion during larger rollouts, where it isn’t always clear what hardware is available at any given moment.
Self-service ordering obviously won’t remove IT oversight entirely. Employees can only place orders after receiving an invite, and the ordering page can be branded so users recognize it as a legitimate company request.
There will also be handy guidance provided on choosing the right key, which is meant to cut down on mistakes and follow-up support tickets.
What do you think about shifting security key ordering from IT teams to employees themselves? Let us know in the comments.
