Managing Security for a Large Group of Companies
APM’s IT team manages the IT infrastructure and all the service desks for the entire group of companies, including all the networks, all the authentication tools, identity management programs, the web servers, and the entire web environment.
Brad Rosenberger, Director of IT Infrastructure at American Public Media: “The trust that’s placed in us is extremely critical and we’ve got to be sure we operate in a secure environment. If we were to have a breach and violate that trust, it would be devastating to us. Really, it’s the public who funds us. We have a large base of member donors who are very committed to public radio in general and its mission. We have a strong need to maintain security and protect our intellectual property.”
Why Two-Factor Authentication?
“I’ve been seeing a lot more phishing attempts and social engineering attacks,” said Alex Gitelzon, System Administrator at APM. “Just the sheer number in the last month is mind-boggling.” And those phishing attempts have gotten better and more sophisticated. “We have been seeing a lot more emails come through that just look real,” said Alex. “It was definitely a big worry. It was something we knew right away that we need something. We can’t just rely on the passwords thought up by users. Password policies only go so far.”
Brad’s team called Duo during the process of researching two-factor authentication solutions. “By the time we were done with the call, we already had a demo set up and were ready to actually start testing,” said Jess Probasco, Senior Network Engineer at APM.
When Brad first saw Duo in use during the testing process, he told his team, “We’re done. Stop. This is the tool we want to go with.”
APM was able to roll Duo’s two-factor authentication out in two weeks to their entire organization. “After we installed Duo and after we rolled it out to everyone, it just worked,” said Alex.
Why Did American Public Media Choose Duo?
“The reason we went with the Platform Edition is it provided us incredibly richer insight into how our employees are using the tool,” said Brad.
With the knowledge that many organizations are being pushing toward a Bring Your Own Device model (or BYOD), APM wanted to proactively get the visibility and insight they needed into what employee-owned devices are trying to access their networks. They have an eye on eventually creating policies and controls to mitigate the risks that outdated and vulnerable devices can present to their organization. “If Duo gives us that capability on top of everything else it already does,” said Alex, “that’s great. It’s just a bonus.”
Would You Recommend Duo?
“I would highly recommend Duo Security to any company that is interested in multi-factor authentication,” said Brad. “In fact, if you’re not doing multi-factor authentication today, both in your personal and your work environment, I would say I think you’re short changing yourself.”