New Enhancements to Duo’s Trusted Access Focuses on the Security Fundamentals
What does it take to be successful in protecting your organization from cybersecurity risks? Security utopia would be a completely isolated environment, on an island, protected by sharks with lasers (think Dr. Evil’s headquarters). Ninety-nine percent of companies don’t have this secret hideout and require a dynamic environment to keep up with the demands of their business and workforce. This makes security challenging.
These challenges range in complexity and severity. From making sure your employees are equipped to spot targeted phishing campaigns to ensuring your security strategy aligns to the business while reducing overall company risk. These are not easy problems to address and require diligent planning and disciplined execution. They also require the support and voice of the executive leadership team.
It may be overwhelming to determine where to start or what direction to take. Don’t worry, we have your back. Duo Security is in the business of helping you tackle your cybersecurity challenges with our innovative Trusted Access platform. Over the first half of 2017, we have continued our innovative approach to security and are excited to announce additional enhancements to our platform. These enhancements strengthen the value of our Trusted Access vision and will help you build and maintain a highly successful security program.
Our approach - provide a trusted platform focused on security, ease of use and reliability. Our platform allows you to reduce complexities and confusion caused by point solutions while providing you greater control and visibility in your environment. We have coupled this with a design belief that security technologies should provide increased productivity and a pleasant user experience.
Superior Access Experience
NIST 800-53 recommends security controls for federal information systems and organizations and is a great framework to reference when determining cybersecurity risk priorities. A key recommendation is to implement strong multi-factor authentication for local and remote access.
Common attacker methodology targets unsuspecting users with phishing campaigns. Their objective is to compromise user credentials and leverage them to pivot deeper into the organization. To compound this, four in ten users tend to use the same passwords for most websites, according to a recent study by ofcom.org.uk. Can you blame them? Your company may have countless applications that are independent and require unique logins. What this means, however, is that one compromised account could provide access across many different systems.
Duo’s Secure Single Sign-On (SSO)
A way to mitigate this risk is to provide your users with easy access to these resources via Duo’s secure single sign-on (SSO). This, coupled with multi-factor authentication, will ensure the stolen password is as valuable as sand in a desert. We now provide our secure single sign-on for free for all Duo customers. Curious to learn more about Duo’s SSO and how it can help? Check out Now Available: Secure Single Sign-On for all Duo MFA Customers for more information.
Username Aliases to Support Multiple Usernames
We understand that each environment is unique and complex and that a user may have multiple usernames across these different systems. These systems may not speak the same username language (email address, sAMAccountName, userPrincipalName).
We now support username aliasing, which allows each Duo user object to have a parent username with four aliases, providing a total of five usernames per person. Our recent article, Solving the Identity Crisis with Username Aliases provided more information around this new and exciting functionality.
This combination provides an organization with the capabilities for seamless and secure access management.
Increased Visibility Across Your Environment
The Center for Internet Security (CIS) provides a prioritized list of the Top 20 actions a company should take to mitigate known cybersecurity risks. The first, and highest priority, is an inventory of authorized and unauthorized devices.
Duo’s Trusted Endpoints Allows for Mobile Security Visibility
Duo’s Trusted Endpoints enables your organization to quickly and efficiently accomplish this by providing native integrations with your existing EAM and mobile device management (MDM) inventory systems, which allows you to mark devices as trusted or untrusted. You can then easily garner visibility into the devices in your environment by leveraging our dashboard or by pulling this information via API to your internal tools.
Some organizations are faced with the challenge of not having an inventory system for their mobile devices, especially in BYOD environments. Trusted Endpoints can now leverage the Duo Mobile application for visibility into the security posture of the mobile device.
This visibility can then be married with policies to ensure mobile devices meet security baselines including passcode, encryption and screen lock prior to granting access to any application. Our early customers have found this to be an ideal solution for visibility into authorized or unauthorized mobile devices. Their benefit has been twofold because it also allows them to enforce basic security requirements on mobile device access without needing an MDM.
Security Checkup for iOS and Android Devices
To help your users understand what is required of them to have an authorized mobile device, we have introduced Security Checkup, available through the Duo Mobile app for iOS and Android devices.
This empowers them to improve the security posture and to maintain the security hygiene of their mobile device.
It also provides a friendly list of common security options that are being checked by Duo, and if their mobile device adheres to them. If there are any issues, easy-to-follow instructions on how to remediate are presented.
Users will not need to bother stopping by the IT helpdesk. Learn more about Duo’s Security Checkup in Mobile Device Security Made Easy with Duo’s Security Checkup.
New Reports for Visibility into Deployment and Authentication
In order to provide you with a greater understanding into your Duo deployment and give you additional visibility into the users and systems in your environment, we will also be launching two new report types.
Deployment Progress provides you information on the state of your Duo enrollment across your organization. Quickly determine a breakdown of which users have successfully authenticated, have not authenticated but enrolled, not enrolled and your unused license count.
Successful Authentication provides information about the success rate of authentications, authentication activity over a period of time, authentication methods and top applications. It provides a great high-level understanding of how your organization is leveraging multi-factor authentication and the way it is being used by your organization.
Both should be shared liberally with your leadership teams.
Improved End User Experience
We design and build our product for the end user, focusing on simplicity and ease of use. With the annual fall release of new mobile devices, like the iPhone 8 and X, and the Google Pixel 2, as well as users’ affinity for the latest and greatest mobile consumer technology, we are excited to announce Duo Restore. This enables Android and iOS Duo Mobile users to back up their Duo-protected accounts and easily recover them when they get a new device.
We Are Here to Help - It’s How We Do Business
The beginning half of the year has been very exciting for us and we look forward to wrapping up the second half of 2017 in typical Duo style. It is our hope that our Trusted Access platform and the enhancements that we have highlighted above will continue to help you protect and secure your environment. We know that security is challenging and we are here to help. We are confident that through a trusted partnership, we can help you realize your security goals.
As always, we are open to your feedback and appreciate the opportunity to learn from you.