Press ReleaseSeptember 30th, 2013
Facebook Secures Employee Access Using Duo Security and Yubico for Two-Factor Authentication
ANN ARBOR, MI and PALO ALTO, CA — Duo Security, the innovative leader in cloud-based two-factor authentication, and Yubico, the leading provider of simple, open online identity protection, announced today that Facebook has successfully deployed Duo Security and YubiKey two-factor authentication technologies across its enterprise.
In order to securely authenticate software engineers to production networks and servers, Facebook needed a solution that provided extremely quick and easy authentication, a fast rollout to employees, and the flexibility for multiple authentication options. After careful consideration, the company deployed solutions from both Duo Security and Yubico. When coupled together, the respective technologies successfully addressed Facebook's authentication priorities — placing equal emphasis on usability and security.
This complementary combination of two-factor technologies include multiple authentication methods — push, SMS, mobile, voice — of cloud-based authentication from Duo Security, and the YubiKey Nano device from Yubico.
"Facebook is a very fast paced environment and we needed technologies that would allow us to maintain that pace," said John “Four” Flynn, Information Security Manager at Facebook. "Because of the ease of use of Duo Security and Yubico authentication technologies, we have seen minimal support and overhead costs. Other technologies, such as traditional OTP-based hardware tokens, smart cards, and biometrics didn't fully support our need to allow multiple and rapid logins to SSH sessions."
Together, these two innovative technologies allow Facebook employees and developers to quickly authenticate using the YubiKey Nano, while offering the tremendous flexibility and ease of use from Duo Security.
With Duo, users are given a choice of device and method each time they authenticate. Additionally, Duo supports all phone types, from smart phones to landlines, and lets users authenticate with a variety of authentication factors including the YubiKey.
The YubiKey Nano is the world's smallest one-time password token, and is designed to stay inside the USB-slot once inserted. To authenticate, users simply press the device and a pass code is instantly and automatically entered, there is no need to physically re-type pass codes.
Recently, a team from Facebook gave a presentation to the Center for Education and Research in Information Assurance and Security (CERIAS) Seminar at Purdue University, explaining how the company utilizes Duo Security and YubiKeys to provide two-factor authentication for the company. The presentation provided thoughtful insight into the security culture of Facebook and how that led them through the evaluation and implementation decisions of their two-factor authentication deployment.
View the recorded presentation at duo.sc/facebook-purdue.
More information on the authentication technologies used by Facebook can be found at www.duosecurity.com and www.yubico.com.
About Duo Security Duo Security is the world’s leading cloud two-factor authentication service. Duo’s patented technology enables organizations to protect their logins in as little as 15 minutes. Over 2,500 organizations in more than 80 countries rely upon Duo Security to protect their networks, services, and applications. Learn more and try it for free at www.duosecurity.com.
About Yubico Yubico is the leading provider of simple, open online identity protection. The company’s flagship product, the YubiKey®, uniquely combines driverless USB and NFC authentication hardware with open source software. More than a million users in 100 countries rely on the YubiKey for securing access to networks, computers and online services. Customers range from individual Internet users to e-governments and Fortune 100 companies. For more information, please visit yubico.com.
Media Inquiries Contact