“Duo is one of only three things that I really enjoy working with on a daily basis. I would absolutely recommend Duo to any organization that’s considering it.”
— Allan Edwards, Senior Security Analyst
Eastern Michigan University has more than 25,000 students and 1,500 faculty and staff, serviced by a 60-person IT dept.
Needed to protect personal accounts, servers and the university infrastructure from phishing attacks.
Found Duo's Trusted Access solution that provides easy, usable security for their varied group of users.
Eastern Michigan University (EMU) is a comprehensive public university located in Ypsilanti, Michigan. EMU is composed of seven colleges and schools: Arts & Sciences; Business; Education; Health & Human Services; Technology, an Honors College; and a Graduate School.
They have more than 25,000 students, 1,500 faculty and staff, and are serviced by an IT department of about 60 people. EMU believes that their security solutions should be used across every population at the university - students, faculty, and staff.
We spoke with EMU’s Senior Security Analyst Allan Edwards about how Duo has worked for the university. Allan heads up security at the university, which is also an Academic Center of Excellence with the National Security Agency (NSA) for their Information Security program.
Allan and his team recognized that there were a number of compromised accounts, and they quickly determined that most of these were the result of phishing attacks.
EMU needed to protect the personal accounts of students, faculty, and staff, as well as the servers that they log into and the university infrastructure.
Finding a security solution that would work with such a varied group of users was a challenge. EMU needed a Trusted Access solution that assured users are who they say they are while still being incredibly easy for all of the university community, regardless of how they work and their level of technical knowledge.
When it comes to compromised accounts, Allan knew that the university needed something that could actually prevent phishing - and they felt that Duo was that solution. After choosing Duo, Allan and his team deployed to the entire institution.
“We rolled Duo out with user education,” he said. “We sat down with everyone and went through the enrollment process with them. We also rolled it out to the majority of the people in the IT department itself.”
Users like how easy Duo is to use, according to Allan. “The green and red buttons sort of gamify logging into various systems,” he said.
Duo’s goal is to make our Trusted Access solution as easy and hassle-free as possible for users. Happy end-users mean fewer help desks tickets and complaints to IT teams who already have enough on their plates when it comes to managing information security.
How do you protect your organization against attackers who take advantage of those potential vulnerabilities?
Allan and his team are forward-thinking on this problem, knowing it’s a growing issue. “One of our goals for next year is to upgrade to Duo’s Platform Edition,” he said. “The reason we want to use it is precisely because of the endpoint remediation tools that it provides.”
“When users are on an out-of-date Flash or Java or web browser - and when being out-of-date introduces critical vulnerabilities - we want to be able to make users aware of that,” Allan said. “We want to help them to take the [necessary] steps themselves to remediate that vulnerability. This empowers the user to do it directly, rather than creating work that a small IT department doesn’t really have time for in every case-by-case basis.”
“Duo is one of only three things that I really enjoy working with on a daily basis,” said Allan. “I would absolutely recommend Duo to any organization that’s considering it.”