Duo Security and Datto: More Than Just Another MSP Integration
Let’s face it, these days the information we keep online is too important to safeguard with a username and password — especially with target credential attacks becoming inherently more common.
In fact, according to Verizon’s 2020 Data Breach Investigations Report, 80% of security breaches involve compromised passwords.
That's why earlier this year, Datto, the world's leading innovator of MSP delivered IT solutions, partnered with Duo Security’s Managed Service Provider (MSP) Program to implement one of the most important resources for advanced secure access —two-factor authentication (2FA), sometimes referred to as multi-factor authentication (MFA).
“Datto is the largest BCDR vendor in the MSP market, and they understand how important security is to MSPs. We’re so excited to officially partner with Datto to bring the most loved company in security to their platform. Our partnership with Datto enables our mutual partners to utilize Duo with yet another internal platform that is critical to supporting their customers.” — Jacob Heisey, MSP Solutions Engineer at Duo
Here’s a Real MSP Breach Scenario
In the fall of 2018, Datto was tracking cyber security threats and noticed a shift. Rather than hackers targeting their usual Enterprise suspect, they were focusing more on hacking MSPs and small and medium businesses (SMB). According to Verizon’s 2018 Data Breach Investigations Report, 58% of data breaches resulting from compromised passwords came from SMB.
Here we are in 2020, and cybersecurity attacks have increasingly made headlines. It's an ever-evolving industry where criminals find new ways to attack or put a twist on an old threat. This year, Datto unfortunately experienced a small, targeted credential breach.
The attackers reused credentials that were compromised in the past from known breaches unaffiliated with Datto to access MSP’s client accounts (through one of Datto’s products). Although over 99% of the attempts failed, hundreds of valid accounts experienced a breach attempt. It only took one client without MFA and a recycled password to put the partners’ data at risk. This attack validated that Datto needed its partners to use MFA — and its partners’ clients to utilize this secure tool.
Datto’s Testimonial for Duo
Before rolling Duo’s MFA out to its entire partner database, Datto conducted a pilot program. Jeff Reingold, Sr. Vice President of Services and CTO at Panurgy, was one of the companies that participated. Panurgy had actually implemented Duo two years prior, seeing a need to have an additional layer of security for its organization.
“As an MSP, we have the responsibility to protect the data and integrity of our clients. We also have the responsibility to protect our own network. For the past two years, we have made MFA mandatory for our entire team.” — Jeff Reingold, Sr. Vice President of Services and CTO at Panurgy
Panurgy looked for a solution it could standardize across the organization and also help with monitoring and compliance reporting. After the implementation, Panurgy had the ability to see who was logging into the network, from where, and if there were device issues. One of Reingold’s favorite features is the Duo Push.
Duo Push Authentication
Duo Push allowed Panurgy’s employees to sign in simply and easily. They were also offered other options of their liking to sign in, such as a call, tokens and duo mobile. The largest benefit to Panurgy — it offered a second line of defense to its network.
Why Datto Selected Duo MFA: The Solution
According to Datto, there were several reasons as to why it decided to move forward with Duo as its preferred partner.
Duo has a strong relationship with its MSP partners
Duo’s user-friendly experience lets users enroll in multi-factor authentication and maintain the health of their own devices without having to go through a help desk
The licenses for MSPs are initially free
Resell clients have a new offering through Datto where they can sell Duo to end users
Controls over which factors are used within a company
Most of Datto’s users were familiar with Duo MFA and were already using the solution
With 2FA, Datto partners along with Pangury can now experience protection in the Datto Partner Portal while accessing critical applications for their business. Risks associated with compromised passwords are immediately minimized since the password alone is useless without the approval of the verified user through a second source of authentication.
Key benefits Datto customers can now experience include:
A unified login experience through SSO
Various approaches to authenticate, including Push and Yubikey
Device trust to ensure applications are accessed by the devices permitted
The ability to see, track and report all end users from a single dashboard
Learn About Duo’s Managed Service Provider Program
Duo’s MSP Program delivers security solutions that are simple to set-up and can easily scale with your business as a service. It enables partners to use Duo’s cloud-based, multi-tenant architecture to secure your customer’s environments within minutes, with no physical agents to deploy. Through this initiative, partners can ensure that only trusted users and trusted devices may access protected applications.
With Duo’s MSP Program, you can have:
Deploy without ordering
Multi-tenant management console
Excellent documentation and support
Assessments and tools
Check out the webinar below for more information:
Try Duo For Free
With our free 30-day trial and see how easy it is to get started with Duo and secure your workforce, from anywhere and on any device.