Duo Security now has offerings that are FedRAMP Authorized at the FedRAMP Moderate Impact Level by the Department of Energy. Duo's two federal-specific editions help public sector organizations secure data and critical systems with strong multi-factor authentication.
Duo offers two FedRAMP Authorized editions that deliver strong cloud-based authentication and device visibility tailored to the demands of public sector organizations. Duo Federal MFA and Duo Federal Access provide secure application access for federal agencies and other public sector customers to ensure only trusted users and trusted devices can access protected applications.
Federal MFA offers agencies federal-grade authentication, while Federal Access adds a stronger policy, which includes stronger role-based and location-based access policies, biometric authentication enforcement, allowing or denying access based on device hygiene and notifying users to self-remediate out-of-date devices.
Duo federal editions provide FIPS capable implementations from end-to-end for easy-to-use access control and authentication.
Duo federal editions remove telephony authenticators to align with NIST SP 800-63-3b, which considers telephony “restricted authenticators.”
Duo federal editions cost the same as Duo standard editions: $3 per user for Federal MFA and $6 per user for Federal Access.
Both Duo federal editions support Authentication Assurance Level 2 (AAL2) authenticators with Duo Push or Duo Mobile Passcode for both iOS and Android Devices out of the box and by default with no additional configuration required. Duo also supports AAL3 authenticators, like U2F security keys (FIPS YubiKey from Yubico) and compatible HOTP keyfobs.
Duo’s federal editions protect on-premises, cloud and hybrid applications for all federal workloads and ensure device health - wherever you are in your cloud and IT modernization journey, Duo federal editions deliver the best defense.
Duo Federal MFA and Federal Access Editions are built in alignment with NIST 800-63-3 (Digital Identity Guidelines) and FedRAMP security controls to help your organization achieve federal and public sector compliant authentication and access control security objectives. Both editions provide end-to-end FIPS capable implementations and help organizations meet regulations such as:
Duo participates in many federal government contract vehicles, making it easy for public sector organizations to buy Duo Federal MFA and Duo Federal Access. Duo is also approved by the Department of Homeland Security (DHS) and is listed on the Continuous Diagnostics and Mitigation (CDM) Approved Product List (APL), which can be found on the General Services Administration’s (GSA’s) CDM website.