Zero Trust for a Global Remote Workforce
Companies today find themselves dealing with an increasing number of contractors and other third-party vendors accessing their critical data and applications. Often, such contractors never set foot on company property, and instead work from various locations around the globe. Lack of visibility into and control over devices and users can potentially put critical resources at risk.
A key component of any zero-trust strategy is to enforce controls so only approved users with healthy devices can access the resources for which they are approved. A solid workforce security strategy enables organizations the flexibility to work with third parties around the world while ensuring critical applications and customer data is safe. Cochlear implemented such a strategy with Duo and secured third-party access from more than 30 countries.
The Business Challenge
The IT security team at Cochlear runs a mature cybersecurity program that has supported the company’s global expansion while also protecting its customer data and Intellectual property. To bolster its security program, the team was looking for a modern MFA solution that can be easily deployed across geographies and scale as the business grows.
The Technical Challenge
A cybersecurity program is only as strong as its weakest link. Cochlear has a large global network of third parties such as partners and contractors, which adds complexity when enforcing access control policies. When third parties share credentials while accessing company resources, it increases the risk of credentials being compromised.
To prevent these bad security practices, the team at Cochlear looked for a multi-factor authentication (MFA) solution that gave administrators the visibility they needed to track the number of devices registered and access requests while also being easy-to-use for end users.
The IT security team at Cochlear evaluated several MFA solutions, and narrowed it down to two at the proof-of-concept (POC) stage. The team decided to go with the best-of-breed approach for their access management requirements. Cochlear chose Duo Security as their MFA provider due its ability to protect a broad range of devices and cloud applications.
Securing Third-Party Access to Critical Business Applications
A key use case for Cochlear was to improve security and user experience MFA solutions provided for third-party VPN access. Cochlear requires its vendors and contractors around the globe to use VPN in order to access business applications. Cochlear uses multiple VPN gateways to meet various regional requirements.
Duo MFA worked seamlessly with the company’s existing VPN solutions, such as Global Protect from Palo Alto Networks, and other applications. Cochlear was able to enforce MFA for all employee and third-party VPN access across various mobile device platforms. “We were able to track partner registrations and achieve 100 percent adoption in a quick time frame. We have seen a reduction in activities such as password sharing, which greatly reduces the risk of credential compromises,” says Victor Akkari, Cochlear CISO.
Easy Deployment That Scales to Meet Your Business Needs
The ability to deploy quickly and easily is critical for many IT projects, and Duo’s solution helped the team at Cochlear execute a global rollout plan seamlessly and on time.
“With offices in over 30 countries, we had to plan the deployment at a global scale” says Victor. We were able to deploy the Duo MFA solution across geographies such as Russia, China, Turkey and the Middle East without any problems.”