Democratizing Security to Secure Democracy
There are two schools of thought when it comes to access security: one is to adopt a traditional perimeter-based security model and keep everything inside corporate walls in the hope of maintaining security; the other is to adopt a modern, zero-trust security model, which assumes no one is more trustworthy than anyone else, regardless of whether they’re inside that perimeter. At Duo Security, we subscribe to the latter.
When I first came to Duo, I cringed when I read one of our beloved taglines: "democratizing security." I've met many security professionals, and I thought they might misinterpret what we meant. To them, security was secure because of the inherent complexity and difficulty. It meant building ‘high walls’ in the form of that presumably secure perimeter and keeping people out. The idea of democratizing security could offend those who've spent a career building those high walls around the network.
But the more I learn about the various challenges facing cybersecurity professionals at the state, local and federal levels, the more I think the idea of democratizing security is perfect, especially when we consider everything public sector agencies are trying to secure, such as elections, first responders and public safety, and war fighters, and their need to access all things legacy and cloud. It seems an impossible task to implement a single multi-factor authentication (MFA) solution for any user, any device, anywhere, any time. Like many political promises, the promise of Duo and zero trust seems too good to be true. It’s not. It's true.
Recently, one public sector customer told us how they have many, many different workflows, each with a different authentication process. He sarcastically said, "If you work in one group you have to do five push ups and 10 sit ups to get access, while another group may have to do three laps and 10 push ups. It's impossible to keep up with. It’s expensive, complex, etc." In response, our team told him, "With Duo, it's the same authentication process for EVERY workflow, whether it's a cloud application or legacy on-prem ‘stuff,’ from every device – AND – it's a 10x reduction in TCO." They immediately asked to do a TCO calculation for themselves.
Another small-town official said that some of their local officials serve in multiple capacities. Some who serve on fire and rescue are also on the school board and subsequently need access to different applications when serving in one capacity or the other.
I was reading this StateScoop article, “Wall That Damn Thing Off,” and was again reminded of all the various complexities and co-dependencies that state CIOs face, and of how the old security model is passing and something new is rising while they are caught somewhere in between, looking for a bridge from the old way to the new. “There are things that keep CIOs up at night,” the article states. “A lack of dedicated funding for security, complexity of malware and number of devices coming into network. Before, we were able to build a moat around the data center. Now that dwindling edge is disappearing.”
The wall around the resources is not as useful as it once was, no matter how high and wide you build it. It's being jumped and burrowed under by users who want access. Users are democratizing access whether we like it or not. But that's precisely what Duo CEO and Co-Founder Dug Song meant when he said Duo is democratizing security. Users are rising up and demanding democracy – “equal access” – and the old, antiquated methods of enforcement can't keep pace with the user unrest.
Duo doesn’t try to bend the old paradigm to fit the new. Instead, it created a whole new security paradigm that allows us to have both access and security. This is precisely where Duo fits in the public sector. Duo supplies the cloud middleware that can provide users the access they seek while increasing security and reducing complexity and costs.
So, whether you are a soldier, an election official, a police officer, a firefighter, a rescue worker or simply someone trying to gain access to applications to do your job, Duo allows secure access for any user from any device, anywhere, anytime – without having to climb over a wall. Easy and simple.