Skip navigation
A doctor holds a mobile phone, overlaid with a color filter of Duo green
Product & Engineering

Cisco Duo Enhances Epic Mobile Apps Security

Controlled substance prescriptions are tightly controlled to protect the public from abuse. Therefore, government agencies like the DEA and FDA have created policies and procedures for the prescription of controlled substances to ensure they get into the right hands.

Epic logo

Epic is one of the leading software providers for systems that manage electronic healthcare records (EHR). “More than 250 million patients have a current electronic record in Epic.” Epic for Electronic Prescriptions for Controlled Substances (EPCS) allows physicians, with the authority to do so, to transmit prescriptions for controlled substances electronically to pharmacies. Epic’s new flagship EPCS healthcare management mobile apps Haiku and Canto integrate with Cisco Duo to provide multi-factor authentication (MFA).

The challenge

According to a recent study by ESG, sponsored by Duo, “76% of organizations have experienced multiple account compromises over the past year.”

Subsequently, the FDA mandates support for many security protections, including MFA, to protect against these stolen credentials and weak passwords.

The Android logo, the OpenID Connect logo, and the Apple logo

The solution

Cisco Duo Security is a leading healthcare MFA provider. Duo uses a zero-trust security model by establishing trust in users and devices through authentication and continuous monitoring of each access attempt, with custom security policies to protect applications. Duo integrates with Epic Haiku and Canto mobile apps seamlessly to provide a strong second authentication factor to protect patient electronic health records. The apps utilize OpenID Connect (OIDC), a popular mobile authentication protocol that is broadly supported by Duo. Together, they enable providers to submit e-prescriptions on their mobile devices.

What’s new

Duo has added a new mobile device biometrics policy to disable fallback to PIN on mobile access device when biometric verification fails. This helps customers who integrate Duo with Epic Haiku and Canto mobile apps follow DEA compliance requirements for EPCS.

Screenshot of the mobile device biometrics options in the admin panel


Cisco Duo is a cornerstone in healthcare MFA and is leading the fight to secure mobile apps like Epic Haiku and Canto with the latest protection technology. Duo provides the foundation for a zero-trust security model by establishing client trust before granting access to applications, ensuring secure access for any user connecting to Epic.

Duo logo