Gain Visibility and Verify Device Trust Across Any Device
This is the first of a four-part blog series on how Duo helps organizations in verifying device trust. Device visibility is one of the primary tenets to achieve a zero trust security model, because without the ability to manage device trust access safely, network security could be compromised and workflows could be hindered.
The goal for any IT administrator or security professional is to keep global communication and business flowing seamlessly and safely, regardless of whether a device is a contractor’s BYOD (bring your own device) or an employee’s corporate managed. Today work is accomplished on premises and in the cloud. Visibility is important to verify and enforce device trust policies and block unsafe endpoints connecting directly to the cloud on unmanaged devices. Duo’s MFA - or two-factor authentication (2FA) - solution provides in-depth device visibility across all major operating systems for managed and unmanaged devices.
User Trust Vs. Device Trust: What Is the Difference?
Shadow IT and a lack of device visibility is a big area of concern as the remote workforce continues to expand remotely. The global mobile workforce is set to increase from 1.52 billion in 2017, accounting for 39.3% of the global workforce, to 1.88 billion in 2023, accounting for 43.3% of the global workforce.
At Duo, we are known as industry leaders in securing user trust through zero-trust policies and MFA. User trust simply extends the security perimeter to anywhere in the world the individual user is located and to whichever access device they use. Essentially, the perimeter is now wherever access happens.
Through easy-to-set-up policies and controls, IT admins can create requirements the user must meet (like software versions, location, job title, device, etc.) to gain access to all or defined areas of the business organization. Using policies and controls in conjunction with two-factor authentication dramatically decreases security risk of identity access theft due to phishing, spear-phishing and other malicious attacks. Establishing user trust is imperative as 90% of cybercrime starts with email, according to a report by Cisco. Most new federal and state compliance laws require 2FA security.
Device trust takes perimeterless user trust and extends security even further. Duo’s solution gives organizations more control over which devices can access corporate applications by blocking access attempts from devices that fail health and security posture checks. These checks include whether the OS version and the patch level is up-to-date, device encryption and host firewall are turned ON, password status and presence of 3rd party anti-malware or antivirus agent (eg: Cisco AMP for endpoints).
To satisfy the unique needs and preferences of each organization, Duo provides a broad, flexible device trust policy framework, and works with both cloud and on-premises applications. Administrators can also integrate with third-party solutions such as MDMs, UEMs, EPP, anti-malware/anti-virus agents and trusted endpoint certificates, by leveraging their capabilities in order to define trust.
Device trust, when paired with MFA, provides greater assurance that your users’ devices are secure, healthy and trusted, before they’re granted access to your applications.
Device Trust and Visibility For SMBs
The rise of the mobile workforce has seen an uptick in users working on unmanaged BYOD devices on unsecure networks (like airports and coffee shops). This surge in endpoints can be hard for an enterprise to track, and even harder for SMBs (small to medium-sized businesses) to track.
“A new survey says that 38% of remote workers hired by SMEs do not have the technological support or expertise they need when working at home or in a public space. While 72% of breaches actually occur at companies with under 100 employees.”
— According to Forbes
SMBs do face more risk, but visibility and protection is not out of reach. Small to medium-sized businesses have to do a lot with a little and make every investment count. Duo’s device trust solution has minimal impact on admin and user productivity, and empowers users to self-remediate device health and security issues if their access is blocked, without having to call in to a helpdesk. Duo was built to democratize security by creating an enterprise-grade cybersecurity solution that installs quickly, is easy to use and affordable for all businesses, whatever their size. SMBs can get the same great protection as big companies, despite their smaller budgets and fewer resources.
— According to Google Research
Device Trust and Visibility for the Enterprise
Even with trusted users, and good access policies, vulnerable devices can pose risks like malware, data loss, or users switching between managed access and BYOD. With thousands of managed and unmanaged devices connecting to an organization, getting a crystal clear view of device visibility can be tricky. Cloud apps allow users to connect directly into the cloud, often bypassing on-premises security checkpoints. While unmanaged devices are more vulnerable to malware and attacks without the protection built into the corporate infrastructure.
Further, Duo makes it easier for organizations’ to meet regulatory compliance (such as PCI-DSS, HIPAA and ISO 27001) by providing insights into all the users and devices accessing their applications and maintain relevant log information for reporting.
What large organizations really need today is a combination of user trust and device trust to achieve zero trust.
See All Managed and Unmanaged Devices Right Now
Duo’s cloud-based security platform offers the most comprehensive device trust capabilities so admins can ensure endpoints are compliant and thereby reducing the risk of data breaches due to risky and vulnerable devices because. Duo performs extensive health checks on any device - corporate-owned or BYO devices - when it matters the most, at the time of authentication. This way Duo becomes your central enforcement point access control when users login into that attempt to access any application. This means that our device trust approach supports Windows, MacOS, Android, iOS, and any other platform that may be supported by your endpoint management solution.
Sign-up for a free trial to experience the product and see how Duo can give you deep device visibility and get started with Device Trust.
Then check out our Device Trust webinar.
Extending Zero Trust for the Workforce with Device Trust
WHEN: Tuesday February 11, 1:00pm EST | February 11, 10:00am PST