Skip navigation
Financial Services Security

Securing Access to Financial Data

Secure financial data and online transactions, and meet FFIEC, NYDFS and NAIC regulations with Duo’s trusted access solution.


Verify users' identities with Duo's multi-factor authentication (MFA) to protect financial data and online transactions from criminals. The FFIEC, NYDFS Cybersecurity Regulation and NAIC mandate the use of MFA to protect access to sensitive data for financial institutions, insurers, banks and many other organizations.

Duo's MFA and trusted access solution can help you comply with regulations and protect access by every user, device and application.

Multi-Factor Authentication

The FFIEC recommends against using one form of customer authentication to protect online transactions and accounts. NYDFS Cybersecurity Regulations require MFA to securely connect to internal networks for financial organizations that operate or conduct transactions in New York.

Duo's MFA offers a more secure and easy-to-use method by sending push notifications to users' smartphones via Duo Mobile. Plus, Duo’s other methods support all types of login scenarios, including offline users or those without smartphones.

To meet compliance and pass audits, you need to protect your mix of cloud, older on-premises and custom apps. Duo integrates with more apps regardless of where they reside - protecting hybrid environments, remote access VPNs, single sign-on and more. To support remote employees (insurance agents and financial planners), Duo offers easy self-enrollment and automated enrollment options to ensure successful deployments at scale and reduce help desk tickets.

Device Visibility & Policies

To support insurance agents as contractors using their own personal devices, Duo provides greater device insight without an intrusive agent. Get visibility into all user devices - including corporate or personally-owned laptops, smartphones, desktops and PCs. Detect devices running out-of-date software, and identify endpoints that are jailbroken, rooted, tampered with, unencrypted and more.

Useful for daily, weekly or monthly compliance audits, Duo’s reports give you detailed insight into user and device risks that can easily be exported.

Adaptive Authentication

Based on a risk assessment, NYDFS requires that financial institutions use effective controls such as risk-based authentication (also known as adaptive authentication) to protect against unauthorized access to their information systems.

Duo's solution lets you set policies to block access attempts based on an individual or group, geolocation, network type and device security. Enforce stricter login controls for unmanaged, personally-owned devices used by third-party service providers. Require encryption or enabled passcodes, and block access by devices without enabled security controls.

Risk Detection

Proactive access security requires continuous vigilance. With Duo Trust Monitor, you can consistently monitor for access risk. Duo Trust Monitor ingests all authentication logs and analyzes them with machine learning to uncover anomalous or risky access attempts. These events are surfaced within the Duo Admin Panel, but can also be easily exported via API to other security tools.

  • “We loved Duo’s speed to security, the experience working with their subject matter experts, the time and money we save with the ease of integration, and the overall end-user experience.”

    — John Bryant, Chief Technology Officer, Options Technology Ltd.
  • “Duo is easy to set up, easy to implement, and easy for the users to register and use.”

    — Tom Burns, IT Senior Vice President, Sterling Bank
  • Duo has been great for us. They had all the resources, integrations, and flexibility we needed and we’ve had no issues whatsoever. I will continue to use it and recommend it to others. It’s so easy.

    — Robert Lavigne, IT Security and Compliance Manager, CFFBank
  • I have done countless implementations of various systems and services over the years and the implementation of Duo’s 2FA solution was easily one of the most simple and quick that I have ever been a part of. I had Duo’s 2FA solution implemented and working with our VPN in about 30 minutes.

    — Mickey Twyford, Assistant Vice President Network Operations, Citizens Union Bank