NIS2 requires strong authentication, but the authentication methods that work in IT environments routinely fail when applied to operational technology. Frontline workers cannot self-enroll FIDO keys, shared workstations do not support standard MFA flows, and enrollment treated as a feature rather than a program leaves hardware security keys sitting unused on a shelf. The myths around passkeys and FIDO - that they are easy to deploy, plug-and-play or universally applicable - break down fast in production environments where availability is non-negotiable.

Andrzej Blaszczyk of HID Global draws on real-world OT authentication deployments to identify the failure patterns that derail MFA rollouts and what approaches actually work at scale.

In this session, you will learn:

• Why self-service enrollment models designed for office users fail on the shop floor;
• How shared workstations, kiosks and clean-room environments each require distinct authentication design;
• What a realistic NIS2-ready authentication program looks like when built for OT realities, not IT assumptions.