Ensure only the most up-to-date and healthy devices can access your applications.
To truly protect every application, visibility is critical. Duo provides insight into every device that's accessing your information — whether it's a personal device or corporate-owned. You can access that information easily and at any time with extensive user and device reports, available through Duo’s Admin Panel.
“One thing that comes to mind when I think of Duo is ‘peace of mind.’ I know that only authorized personnel are accessing our servers and services, which is priceless.”— Ramesh Sivaraman, Senior System Administrator, G4S
Using Duo's logs, reports, or Trust Monitor events, you can create custom access policies based on different parameters to fit your security needs. For example, with Duo's privileged user control, you can block any devices running an older version of Flash or Internet Explorer from accessing your applications.
You can also protect against vulnerabilities that exploit known software flaws on your users’ risky devices to install malware or get access to company applications by automatically blocking them with Duo’s Endpoint Remediation.
Secure critical applications and data by restricting access only to corporate devices. Duo has the ability to detect if a device is unmanaged and is attempting to access a sensitive application. Duo can then enforce access controls and will explain to an end user why they’re being blocked.
With Duo’s Trusted Devices and Networks, you can give your users faster access without compromising security. Similar to a “Remember my computer” option, you can designate users’ devices and networks as trusted to allow your users to log in without completing the two-factor process each time.
Gain faster time to security by notifying and enabling your users to update their own out-of-date devices at login with Duo’s Self-Remediation, saving administrator time and resources.
By prompting your users to update, you can close security gaps faster and protect against known vulnerabilities.
Designate certain devices and networks as trusted, giving your users faster and more secure access.
Trust your users’ computers after initial authentication, and let users log into your applications without completing two-factor authentication each time.
By flagging trusted networks with listed IP addresses or CIDR blocks, you can develop policies to require strong authentication for certain web-based access to company services.
This guide examines how enterprises can ensure the trustworthiness of devices that access their applications.