Skip navigation

Duo Security Protects onPeak's VPN & LDAP Infrastructure

I would absolutely recommend Duo Security. Their documentation is killer, their pre-sales support is killer...It’s been a really easy implementation for us, and we’ll continue to use it for our two-factor needs. - Perry Straw, Director of Infrastructure and Security, onPeak

onPeak logo Our latest case study is with onPeak, a company that provides a web-based and mobile app for event organizers that need to book group hotel room reservations, helping them find lower room rates and higher priority points with one simplified interface.

Since onPeak processes credit card transactions online, they needed to meet PCI DSS compliance, specifically, standard 8.3 that requires retail organizations to:

Incorporate two-factor authentication for remote network access originating from outside the network by personnel (including users and administrators) and all third parties, (including vendor access for support or maintenance).

Those factors must be two of the three: 1) Something you know, such as a password; 2) something you have, like a smartphone or token device; 3) and/or something you are, like a biometric. Find out more about the two-factor requirements and PCI DSS in Retail and E-Commerce: PCI DSS Compliance.

onPeak also needed to replace their existing clunky and older two-factor authentication solution, Phonefactor, which was acquired by Microsoft while they were still using the solution. They also didn’t want to switch to RSA, which they found required an expensive upfront investment that included hardware. Their search for a lightweight, web-based technology that integrated seamlessly with theirs led them to Duo Security.

Their main goal was to protect their entire IT workforce comprised of systems, developers, QA and product teams that need access to onPeak’s networks in order to write code. They integrated Duo Security’s two-factor solution with their Cisco ASA VPN and LDAPS infrastructure.

Find out more about their deployment experience and watch a video testimonial in the onPeak Success Story!

onPeak Video Testimonial

Interested in learning about other happy Duo clients?

Facebook

The social media giant uses Duo’s two-factor to protect more than 10,000 internal employees, including their developers’ thousands of daily SSH sessions.

Using a combination of a Yubikey and Duo, Facebook’s security team found a solution that combined fast deployment, strong security, great usability and flexible authentication methods with minimal support overhead. Read more!

Etsy

With well over 600 users spanning 4 different continents and nearly a dozen countries, Etsy uses Duo’s two-factor authentication solution to protect their remote access solution, log viewing systems, SSH and custom-developed internal systems, used by everyone at the company.

Etsy administrators loved the JSON output and easy-to-use APIs, as well as the simplicity of creating new integrations. Read more!

Eventbrite

Processing more than two billion dollars worth of tickets and hosting millions of events on their platform, Eventbrite needed to secure their assets and user information, as well as meet PCI DSS compliance.

They chose Duo Security’s two-factor authentication solution to protect their SSH, website, internal administrator tools and more. Read more!

Yelp

As one of largest online business review websites, Yelp’s operations spans more than 24 countries. They use Duo’s two-factor to secure remote access to their network via SSH and VPN connections. Read more!

Threadless

Threadless sells crowd-sourced merchandise printed with original designs crowd-sourced by artists. They needed to meet PCI DSS compliance and implement security, so they chose Duo’s two-factor to integrate with their Juniper VPN, effectively replacing their RSA solution already in place. Read more!

Tagged: cisco vpn, ldaps

Thu Pham

Information Security Journalist

@Thu_Duo

Thu Pham covers current events in the tech industry with a focus on information security. Prior to joining Duo, Thu covered security and compliance for the infrastructure as a service (IaaS) industry at Online Tech. Based in Ann Arbor, Michigan, she earned her BS in Journalism from Central Michigan University.