Duo Security Two Factor Evaluation Guide
Duo Security Two Factor Evaluation Guide
Duo Security Two Factor Evaluation Guide
What to look for when assessing and comparing two-factor authentication solutions
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Two-factor authentication
is the simplest, most effective
way to make sure users really are
who they say they are.
More than 80% of
By verifying your users’ identities before they access your But, not every two-factor solution is the same. Some vendors only
network, two-factor authentication protects your applications provide the bare minimum needed to meet compliance requirements
and data against unauthorized access. It works by requiring – and lots of hidden costs required for deployment, operation and
involve brute force something you know, like a password; something you have, like
your device or a security key; something you are, like your personal
employees time and productivity.
+ An overview of the different strategic business initiatives, and how your solution fits into them
© 2020 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
1
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
2
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Security Impact
The most critical security aspects of an authentication solution are 1) effectiveness against threats related to credential theft, and 2) underlying
security and reliability. The primary goal is to reduce the risk of a data breach to your organization. If a solution is easily bypassed or doesn’t provide
organization’s applications, networks and data that can be accessed enterprise uses more than 1,000 cloud apps today. That’s too many start the passwordless journey without compromising on security.
remotely. If you can log into an application or a system over the internet, passwords for IT to manage securely, and for users to remember. This
For end users, SSO provides access to multiple applications with a single
you should protect it with more than just a username and password. VPN, results in password fatigue, and it’s no surprise that weak and stolen
login (using one master set combination of username and password) —
SSH and RDP connections are gateways to your corporate networks passwords are among the leading causes of a breach. Eliminating
and reducing the number of passwords eliminates bad password habits
and therefore require added layers of protection to prevent unauthorized passwords from authentication sounds very attractive; however, as with
such as password reuse. For administrators, SSO serves as a unified
access. Wherever possible, use FIDO-based (Fast IDentity Online, an open any new technology, it is wise to take a thoughtful approach to adopting
point of visibility for authentication and access logs, and an effective
industry standard for strong authentication) security keys that leverage passwordless authentication.
policy enforcement point to apply security policies for each application
WebAuthn and provide the highest level of assurance for authentication.
Passwordless is a journey that requires incremental changes for both depending on its risk profile.
With a modern MFA solution built on zero trust principles, you can get users and IT environments. Ask security vendors how their products can
a clearer picture of the users and devices that are trying to access your help you embrace a passwordless future without creating security gaps or
network. It is no longer enough just to verify the user before granting causing IT headaches.
workflow. Ensure your solution can integrate with any custom software,
SECURE SENSITIVE DATA VERIFY DEVICE STATE ADAPTIVE POLICIES & CONTROLS
Check that the solution allows you to create and enforce advanced Consider a solution that offers comprehensive device verification An advanced two-factor authentication solution lets administrators define
policies and controls that you can apply to environments with sensitive capabilities across laptops, desktops or mobile devices. The solution rules and levels of access with adaptive controls, balancing security
data – whether it is internet-accessible or a private network. should ensure that devices accessing your environment are in compliance and ease-of-use based on the users, groups, devices, networks and
Examples include: with your organization’s security criteria. This includes verifying that the applications involved.
+ Allow users to authenticate less often when using the same device
+ Block login attempts from foreign countries where you don’t do business,
devices
these solutions leave many security gaps and zero coverage for cloud
4
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
the devices they use to access your organization’s apps and data. An to support new users, integrations and devices – no matter where they are, security incidents and downtime. A cloud-based 2FA provider should
advanced authentication solution should give you an at-a-glance picture including on-premises and in the cloud. Check that your provider offers maintain their solution independent from your systems. That way, even if
of the security profile of all devices in your environment, letting you different authentication methods, including smartphone apps, biometrics, you’re breached, access to your applications is still securely managed by
take action to protect against known vulnerabilities. Because data is phone callback, passcodes and hardware tokens to fit every user’s need. your provider.
Ensure your solution comes with detailed logs about your users, devices, guaranteed by strong service level agreements (SLA).
these logs to easily export to your SIEM tools and help create custom
and more – useful for determining where and when certain attacks may
occur. Ask if the provider can detect and automatically alert administrators
5
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
your own device (BYOD), remote work or the adoption of cloud applications. Other business drivers to consider include compliance regulation
solution can easily integrate with your cloud applications. Additionally, if to get work done. When evaluating authentication solutions, consider how devices your employees use? Ask your provider how you can get greater
you’re moving away from managing software and hardware on-premises, compatible they are with your BYOD environment. Can users use their own visibility and control into your cloud and mobile environment, without
then you should consider adopting a cloud-based authentication solution devices to complete authentication? requiring users to enroll their personal devices in enterprise mobility
that can scale as needed. Make sure your authentication solution protects solutions (like mobile device management/MDM).
Check that your authentication solution provides a mobile app that works
what’s important both today and in the future.
with all of the different types of mobile and remote devices your employees If it’s not easy to use, your users won’t use it. Evaluate the usability of
use, including Windows, Apple iOS and Android. For flexibility, ensure the your mobile app, for both your users (enrollment, activation and daily
solution works with other methods like security keys, mobile push, code authentication) and administrators (user and solution management).
you can create custom reports, ideal for security analysis and compliance information (PII), protected health information (PHI), customer payment
auditors. Armed with details about jailbroken statuses, patch levels, data, etc., you need to ensure your two-factor solution can meet any
browsers and more, you can also take action to prevent opening up your compliance regulation requirements.
network to known vulnerabilities. Monitoring also gives you insight into any
Additionally, your two-factor provider must be able to provide an
user behavior anomalies or geo-impossible logins – if your user logs in
up‑to‑date proof of compliance report for your auditors. Ask your provider
from one location, and then logs in from another location around the world,
if their company and solution is audited annually or regularly by an
your security team will know.
independent third-party auditor.
7
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
such as upfront, capital, licensing, support, maintenance, operating and many other unforeseen expenses over time, like professional services and
How can you be sure you’re getting the best security return on your investment? Consider:
Upfront Costs
See if your vendor’s purchasing model requires that you pay per device,
ADMINISTRATIVE SOFTWARE/HARDWARE VENDOR CONSOLIDATION
user or integration – this is important if your company plans to scale and
Is this included in the software license? Additional management While network environments with a traditional perimeter defense model
add new applications or services in the future. Many hosted services
software is often required – without this, customers can’t deploy 2FA. Does rely on a handful of key services to maintain visibility and enforce security
provide a per-user license model, with a flat monthly or annual cost
the service require the purchase and configuration of hardware within your standards, the growth of SaaS adoption has resulted in many piecemeal
for each enrolled user. When investigating licensing costs, make sure
environment? Confirm the initial and recurring costs for this equipment, solutions to cover the expanded needs of securing cloud-based data and
to confirm whether licenses are named (locked to a single user ID) or
and research the typical time and labor commitment necessary to set assets. Secure access includes strong authentication through 2FA to
transferable, whether there are add-on charges for additional devices or
up these tools. For administrative access with tiered permissions based validate users and may also include:
integrations configured, or delivery charges for different factor methods.
on license version, confirm all functionality you depend on is available, or
Estimate how much it will cost to deploy two-factor authentication to all of + Endpoint management or mobile device management tools for defending
collect a complete list of necessary upcharges.
your apps and users. against device compromise threats
+ Single sign-on portals to centralize and simplify login workflows for users
Along with the redundant costs that can accrue from these overlapping
Look for vendors with simple subscription models, services, each added tool increases complexity and the chances of human
priced per user, with flexible contract times. error or oversight. Finding a solution with comprehensive utility for secure
access can reduce both initial and ongoing management labor costs.
8
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
tokens add inventory, management, and shipping costs to consider. For if it will require professional services support and time to install, test and major apps, to cut time and resources needed for implementation. Also
mobile authenticators, confirm if there is any per-device cost for soft troubleshoot all necessary integrations. confirm the availability of general-purpose integrations for the most
tokens, or if an unlimited number of enrolled devices is permitted for each common authentication protocols to cover edge use cases, along with
user license. END USER ENROLLMENT APIs to simplify integration for web applications. See if you can set up a
Estimate how long it will take each user to enroll, and if it requires pilot program for testing and user feedback – simple integrations should
DATA CENTER COSTS any additional administrative training and helpdesk time. Discuss with take no longer than 15 minutes.
Do you have to purchase servers? Server hosting costs can add up: your vendor the typical deployment timeframe expected with your use
power, HVAC (heating, cooling and air conditioning), physical security, case, and seek feedback from peers to validate how this aligns with
personnel, etc. A cloud-based solution will typically include these costs in their experience. Look for an intuitive end user experience and simple
the licensing model. enrollment process that doesn’t require extensive training. Token-based
primary instance, you can end up tripling your software costs. Setting
costs significantly, and some vendors charge additional licensing fees for
business continuity.
9
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Ongoing Costs
PATCHES, MAINTENANCE & UPGRADES ADMINISTRATIVE MAINTENANCE SUPPORT & HELP DESK
Annual maintenance can raise software and hardware costs, as customers Consider the costs of employing full-time personnel to maintain your Live support via email, chat and/or phone should also be included in your
must pay for ongoing upgrades, patches and support. It’s often the two‑factor solution. Does your provider maintain the solution in‑house, or vendor’s service – but sometimes support costs extra. Consider how much
responsibility of the customer to search for new patches from the vendor is it up to you to hire experts to manage it? time is required to support your end users and helpdesk staff, including
and apply them. Look for a vendor that automatically updates the software troubleshooting time.
Estimate how long it takes to complete routine administrative tasks. Is
for security and other critical updates, saving the cost of hiring a team.
it easy to add new users, revoke credentials or replace tokens? Routine Gartner estimates that password reset inquiries comprise anywhere
One of the benefits of SaaS and cloud-hosted services is that servers, tasks, like managing users, should be simple. Sign up for a trial and take it between 30% to 50% of all helpdesk calls. And according to Forrester,
maintenance and monitoring are covered by the provider’s network and for a test run before deploying it to all of your users. 25% to 40% of all helpdesk calls are due to password problems or resets.
security engineers, lightening the load for your team. Depending on your Forrester also determined that large organizations spend up to $1 million
solution, you may have to manually upgrade to the latest version. per year on staffing and infrastructure to handle password resets alone,
only update a few times a year, which can leave you susceptible to new If a solution requires extensive support from your IT or infrastructure
vulnerabilities and exploits. Choose a vendor that updates often, and teams, will you get charged for the time spent supporting your on‑premises
ideally rolls out automatic updates without any assistance from your team. two-factor solution? Estimate that cost and factor it into your budget.
10
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Modern Solutions
High value, upfront costs
+ No fees to add new apps or devices + Device health and posture assessments
+ User self-service portal included + Single sign-on (SSO) and cloud support
NO HIDDEN COSTS
− Administrative software/hardware
− Administrative support
− Helpdesk support
11
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Time to Value
Time to value, or time to security, refers to the time spent implementing, deploying and adapting to the solution.
Determine how long it takes before your company can start realizing the security benefits of a two‑factor authentication
small group of users, giving you the ability to gather valuable feedback on time and costs associated with provisioning your user base. Cloud-based administrators. Make sure you walk through the entire process to identify
what works and what doesn’t before deploying it to your entire team. services provide the fastest deployment times because they don’t require any potential issues.
Most security professionals don’t have time to write their own integration factor solution lets you quickly provision new users for cloud apps by using
code. Choose a vendor that supplies drop‑in integrations for all major existing on-premises credentials.
Cloud-based services cloud apps, VPNs, Unix and MS remote access points. You’ll also want
to look for a vendor that enables you to automate functionality and export
See if the solution requires hardware or software for each user, or time-
don’t require hardware or Also, to save on single sign-on (SSO) integration time, check that your two-
app themselves onto their devices. A solution that allows your users to
provider or application to an identity provider.
download, enroll and manage their own authentication devices using only a
12
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Required Resources
Consider the time, personnel and other resources required to integrate your applications, manage users and devices, and maintain/monitor your solution.
Ask your provider what they cover and where you need to fill in the gaps.
with your applications, whether on-premises or cloud‑based. administrators the power they need to support users and devices with management for lower operating costs. Cloud-hosted solutions are ideal
SDKs so you can easily implement the solution into every application that Look for a solution with a centralized administrative dashboard for a Can you use your existing staff to deploy and maintain this solution, or will
your organization relies on. consolidated view of your two-factor deployments, and enables admins to: you need to hire more personnel or contractors to do the job? Ask your
+ Add and revoke credentials as needed, without the need to provision and
A solution that requires many additional resources to adapt and scale may
manage physical tokens
not be worth the cost and time. Evaluate whether your solution allows
13
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Security Impact
TRUSTED USERS TRUSTED DEVICES SECURE EVERY APPLICATION
Duo’s authentication is built on the foundation of zero trust. Duo verifies When organizations deploy Duo, device trust becomes a part of the To secure every type of application, Duo’s solution easily and quickly
the identity of users and protects against breaches due to phishing and authentication workflow during the user login process for protected integrates with virtual private networks (VPNs) and remote access gateways
other password attacks with an advanced two-factor authentication applications. This enables Duo to provide in-depth visibility across like CA SiteMinder, Juniper, Cisco, Palo Alto Networks, Citrix and more;
solution, verifying trust in multiple ways before granting access. managed and unmanaged devices, however and from wherever the users enterprise cloud apps like Microsoft O365, Salesforce, Google Apps, AWS
Duo’s contextual user access policies let you create custom controls connect to these applications. Duo also verifies the security health and Box; and on-premises and web apps like Epic, Splunk, Confluence,
to further protect access to your applications based on type of users, and management status of endpoints before granting access to your Shibboleth and more. Duo provides APIs and client libraries for everything
devices and apps. applications, and blocks access if the device is unhealthy or does not meet else, including your custom and proprietary software.
You can easily ensure that users maintain appropriate device hygiene,
Duo verifies the identity of your users with two-factor authentication, and
the security health of their devices before they connect to your applications.
14
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
Security Impact
(continued)
Learn more about Passwordless. rules that continuously monitor logins to identify and flag unusual activity.
We are a very open organization and want employees to work from anywhere.
Box manages highly sensitive data for some of the largest organizations in the world.
As a result of this, we need to ensure the highest level of protection for all user
interactions with our services. We also need to meet an extremely high bar for
security standards while making it easy for users to be productive.
Duo helps us do just that.”
Mark Schooley
Senior Director, IT Operations & Engineering
15
I NTR O D U C TI O N S EC U R IT Y I M PAC T STR ATE G I C I N ITI ATI V E S C O ST O F OW N E R S H I P TI M E TO VA LU E R EQ U I R E D R E S O U R C E S TH E D U O A DVA NTAG E
any device, anywhere, so you can identify security risks before they lead new applications with Duo as your company grows, because there are distributed across multiple geographical locations for a seamless failover.
to compromised information. Get visibility into authentication attempts, no limits or additional charges per application. We believe that if you’re Duo is maintained independently from your systems, keeping you safe
including data on IP addresses, anonymous networks, blacklisted protecting a user’s access to your most important applications, you even in the event of a breach.
countries and more from Duo’s admin panel. shouldn’t be penalized or charged more to protect them everywhere.
platform, browser and plugin versions, including passcode, screen lock, full There are a variety of ways Duo’s 2FA can work. You can use a
disk encryption and rooted/jailbroken status. You can easily search, filter smartphone, landline (such as your office or home phone), tablet or
and export a list of devices by OS, browser and plugin, and refine searches hardware token. Authentication methods include mobile push, biometrics,
to find out who’s susceptible to the latest iOS or Android vulnerability. time-based one-time passcodes, bypass codes, security tokens, SMS
baseline of normal user behavior at the point of login. Once Duo Trust Learn about User Provisioning.
the security team identify suspicious activity and aid in the investigation of
compromised accounts.
on-premises hardware requiring setup and costly maintenance, Duo The Duo Mobile app (iOS, Android) and the Device Health app (Windows, security, and comprises top mobile, app and network security experts.
can be deployed rapidly; and it’s easy to scale with your growing users MacOS) are BYOD-friendly for remote access and can be used on many Duo’s operational processes are SOC 2 compliant. Duo’s two‑factor
and applications. Duo also supports SAML cloud apps via secure single different devices. Duo can maintain your device inventory so you have authentication cryptographic algorithms are also validated by NIST
sign‑on, including Google Apps, Amazon Web Services, Box, Salesforce clear visibility into what device is connecting, when and from where. Users and FIPS. Duo has achieved ISO (the international security standard)
and Microsoft Office 365. can download the app on their personal device without enrolling in device 27001:2013, 27017:2015 & 27018:2019 Certification.
login activity.
Duo Device Trust enables organizations to check and enforce the device
Duo’s security team includes some of the world’s foremost experts in Learn more about Security & Reliability
NO UPFRONT COSTS Other solutions may appear to come with a lower price tag, but the layers
With Duo’s two-factor authentication, you get the most upfront value with no hidden costs such as upfront, capital, licensing, support, maintenance, of hidden costs can add up fast, rapidly tripling TCO and offering less
operating and many other unforeseen expenses over time. Duo offers a simple subscription model priced per user, billed annually, with no extra fees for value overall. With Duo’s 2FA, you get the most upfront value with no
+ Easy deployment with the help of Duo’s drop-in integrations for + Conext leveraged from endpoint security agents and device ADMINISTRATIVE SOFTWARE/HARDWARE
all major apps and APIs, and an administrative panel for user and management systems Duo’s subscription-based model eliminates hefty software licensing fees
solution management + Self remediation to ensure devices meet your security requirements and includes administrator management tools, meaning there’s no need to
+ Automatic application updates, with patch management, maintenance + Insight on user login behavior in your environment and the ability to flag pay for top-dollar management software to use it.
+ Advanced features that let you customize policies and controls, as well + First steps on the journey to eliminate passwords and improve security AUTHENTICATORS
as get detailed device health data with passwordless authentication Users can download the Duo Mobile app to any device, eliminating the
+ A secure single sign-on (SSO) and authentication solution in one need to shell out for a fleet of devices to deploy to your workforce. Duo
along with mobile push, end users can authenticate via U2F, biometrics,
Other solutions may appear to come with of the costs that come with running a data center.
business continuity and high availability, Duo offers high availability maintenance and live support at no extra cost. and software security solutions that solve for isolated use cases, like
configuration, disaster recovery and data center management tools authentication, network access control, endpoint security, vulnerability
without busting your budget. ADMINISTRATIVE MAINTENANCE assessment tools, etc. with a single cloud service that provides
Duo makes routine tasks like adding new users, revoking credentials or two-factor authentication, device trust, single sign-on and
DEPLOYMENT & CONFIGURATION replacing tokens quick and easy, meaning your administrative resources adaptive policies and controls.
Duo makes deployment and configuration a snap. Your in-house resources won’t have to do another full-time job to maintain your Duo deployment.
Duo’s trusted access solution provides a comprehensive security platform
can install, test and troubleshoot Duo in just minutes.
that eliminates the need — and budget — for many disparate access
SUPPORT & HELPDESK
management tools that may prove difficult to fully integrate. The value is
END USER ENROLLMENT Duo has an extensive library of free resources to answer any and all
in consolidation, filtering out as much noise as possible and leveraging
With Duo, end user enrollment is a breeze — end users can simply questions you may have. Duo also offers live support at no extra cost, and
a comprehensive dashboard that gives a bird’s-eye view along with the
download the Duo Mobile app for free, enrolling themselves to get started with Duo Care premium support, you can receive 24/7 white glove service
ability to quickly assess granular details where attention is needed.
with Duo in seconds. for a small fee.
ADMINISTRATIVE SUPPORT
Duo offers easy deployment with the help of drop-in integrations
for all major apps and APIs, and an administrative panel for user and
solution management.
deploying to your entire organization, with extensive documentation with your applications, whether on-premises or cloud-based. Check Our responsive support team members have the security expertise to
and knowledge articles to help guide you through the evaluation stage. that they provide extensive documentation, as well as APIs and SDKs quickly assist you with any specific integration needs. Duo’s customer
View Duo’s documentation. so you can easily implement the solution into every application that your support service is included with your solution at no extra charge, with no
organization relies on. support contracts required. In addition, we offer extensive knowledge base
For faster and easier deployment, Duo provides drop‑in integrations for USER & DEVICE MANAGEMENT
Our end-user guide and detailed documentation are frequently updated
all major cloud apps, VPNs, UNIX and MS remote access points, as well Duo’s administrative panel allows admins to support users and devices
and helpful resources available on Duo.com. For more advanced
as support for web SDK and APIs. Quickly provision new users with bulk using one centralized dashboard. Log into the web-based portal to
deployments and specific SLA requirements, we provide Duo Care,
enrollment, self-enrollment, Microsoft Active Directory synchronization, or manage user accounts and devices, generate bypass codes, add phones
a premium customer support service with extended coverage and a
with the use of Duo Access Gateway for cloud-based applications. to users and more.
dedicated Customer Success team.
reducing help desk tickets and support time. latest vulnerabilities, you don’t need to hire a dedicated team to manage it. Duo is flexible enough to scale quickly, letting you easily add new apps,
Duo’s solution is flexible enough to scale quickly, letting you easily add new users, or change security policies as you grow.
20
Secure Everything,
Everywhere.
At Duo, we combine security expertise with a user-centered philosophy Duo Security makes security painless, so you can focus on what’s Duo Security, now part of Cisco, is the leading multi-factor authentication
to provide two-factor authentication, endpoint remediation and secure important. Duo’s scalable, cloud-based trusted access platform (MFA) and secure access provider. Duo comprises a key pillar of Cisco
single sign-on tools for the modern era. It’s so simple and effective, you addresses security threats before they become a problem, by Secure’s Zero Trust offering, the most comprehensive approach to
get the freedom to focus on your mission and leave protecting it to us. verifying the identity of your users and the health of their devices securing access for any user, from any device, to any IT application or
before they connect to the applications you want them to access. environment. Duo is a trusted partner to more than 25,000 customers
Duo is built on the promise of doing the right thing for our customers
globally, including Bird, Facebook, Lyft, University of Michigan, Yelp,
and each other. This promise is as central to our business as Experience advanced two-factor authentication, endpoint visibility, custom
Zillow and more. Founded in Ann Arbor, Michigan, Duo also has
the product itself. Our four guiding principles are the heart of user policies and more with your free 30-day trial. You’ll see how easy it is
offices in Austin, Texas; San Francisco, California; and London.
the sensibility: Easy, Effective, Trustworthy, Enduring. to secure your workforce, from anywhere on any device with Duo 2FA.
Duo.com