Frustrate Attackers, Not Users
Sometimes strong security can be its own worst enemy. One misspelled password can send a normally trusted user to Help Desk ticket timeout, waiting in queue for their workday to restart. Frustrated employees may seek to avoid the headache by avoiding security and compliance measures, jeopardizing the entire enterprise.
Why make everyone jump over the same hurdles, every time? Cisco Duo's approach to risk-based authentication reduces the burden placed on your trusted users so they can verify their identity quickly and get back to the task at hand.
.svg)
Deploy Machine Learning (ML) - Powered Risk Assessment
Duo's algorithm assesses risk signals to determine where a login attempt exists on a customizable spectrum of trust. System administrators can rely on Duo to react automatically to risk signals and increase or decrease verification requirements, without manual setup for individual users or applications.
I was blown away with the simplicity of Duo’s MSP program. They removed all the upfront expenses and commitments that prohibit newer MSPs from partnering with a vendor…. Duo’s product is so easy to use that it didn’t require a large engineering investment to get up to speed." Read the Customer Story
— Scott Brion, Director of Cybersecurity, Arraya Solutions
Enforce Location-based Policies Accurately While Preserving Privacy
Most contextual access controls rely on just IP addresses, making the location signal noisy and ineffective when using VPNs. Enter Duo's patent-pending WiFi Fingerprint technology. It creates an anonymized fingerprint of the wi-fi networks available to a user's device to detect a change in location at the time of authentication. This helps to improve accuracy, reduce false-positive while preserving user privacy. If location has changed, Duo can automatically step-up authentication requirements. Other strong security, easy access features include:
- Single sign-on
- Granular and contextual access policies
- TouchID on macOS and Face ID/Touch ID on iOS
- Windows Hello, Android Biometrics, and security keys (with biometric verification) when using Duo Passwordless
Detect Known Attack Patterns and Prevent Unauthorized Access
Enable Duo's Risk-Based Factor Selection to automatically step-up to phishing-resistant authentication methods using FIDO2 when known attack patterns are detected. Duo's algorithm considers the history of authentication activity from a single user or for a collection of users across the organization to detect patterns of attack.
Enable Self-Service for Users to Meet Your Organization's Security Requirements
Other access management solutions only offer two outcomes: Block or Allow. A blocked account can bring the workday to a screeching halt for your user and the IT manager who's asked to reinstate access. Duo empowers users to remove their own roadblocks. They can reset their own Active Directory passwords, or if their device is out of compliance, they are given step-by-step instructions to update their system and regain access.
Cisco Duo's approach to risk-based authentication reduces the burden placed on your trusted users so they can verify their identity quickly and get back to the task at hand. Try it free!
