Skip navigation

Enterprise Information Service Provider

“Easy to integrate. Works well for our customers. Great support.”
— Software Engineering Director

Highlights

Large managed services provider needed to secure access to customer web portals to keep proprietary data safe

Needed a variety of authentication methods to satisfy a diverse customer base, as well as a lightweight solution with minimal necessary support

Chose Duo for variety of authentication methods, cost-effectiveness and overall confidence and trust in the company’s history

Note: As a security company, Duo respects that some of our customers prefer not to publicly state which solutions they use. In that spirit, we have removed the client name and identifying details from this case study.

As a large managed services provider, this firm is in the business of providing secure access to customer data.

The Challenge

In order to do that, they needed to ensure that IT department customers could securely connect to their customer web portal in order to protect access to proprietary customer data. That’s when they turned to a new form of two-factor authentication; seeking a resilient solution that combined both security and usability.

Why Choose Duo?

The large information company chose Duo Security’s two-factor authentication solution for its variety of authentication methods, including Duo’s smartphone app, Duo Mobile that lets users authenticate via push notifications. Duo Push was one deciding factor that led the company to leverage the convenience and flexibility of using a smartphone as an authentication device.

Other desirable authentication methods include phone callbacks and SMS passcodes, giving users plenty of options in case they don’t have Internet access, but still need to log into their customer portal.

The firm also chose Duo’s solution because it required minimal ongoing support and maintenance, freeing up their administrators’ time and resources. Their confidence and trust in Duo as a security company also influenced their decision over using other two-factor solutions provided by competitors.

“Authentication seems to be low-hanging fruit for tech startups. Security folks know it is a hard problem to solve and people think they can solve it with technology only, but it’s really a combined tech and human problem (user behavior). I looked at a number of different and innovative solutions, many of them from startups, but Duo stood out as having a complete solution and a good business model. Duo is going to be around for the long haul.”

Their Pain Points

They had a few initial concerns when it came to deploying a two-factor security solution for their customers, including connecting remotely across different locations, as well as with limited network connectivity.

Setting up the solution was another concern, according to their software engineering director. Integrating two factor with third-parties, provisioning users and general deployment brought up worries of potential barriers to security, as is common among any complex enterprise IT infrastructure model.

Managing different authentication options was also a priority for the large company. Different customers of theirs had different needs; for example, some customers had security concerns with using an application for authentication, while other customers had privacy issues with supplying a phone number to authenticate.

The Solution

Duo addressed their concerns by providing a diversity of methods to satisfy customer concerns over privacy and security with using either a mobile application or phone callbacks/SMS codes to authenticate.

With the support of mobile applications, phone callbacks, SMS and tokens, customers could choose what method was right for their organization’s security profile.

“User behavior and preferences are very hard to predict, but we need to keep our users happy,” said their software engineering director. “We have customers all over the world and Duo offers a variety of methods that give all our users, regardless of their preferences and behaviors, the balance of security and ease of use for our users.”

Duo’s authentication method policy feature also allows administrators to limit which authentication method is available for their users, while groups management lets them easily customize security settings for different types of users.

The Deployment

With one thousand current users and growing, the firm has the app implemented in U.S. data centers and used by customers around the world.

Integrating Duo’s two factor with their VPN, web applications, UNIX and custom web applications was very easy and straightforward, with zero challenges during deployment, according to their software engineering director.

Starting with a test environment, and then rolling it out with production, the company went with automatic enrollment on their customers’ first use of two factor. Administrators love that customers can still use two factor even when they’re not using their primary computer. Administrators have also leveraged Duo’s Admin APIs to add users to their database.

“Easy to integrate. Works well for our customers. Great support.”

Ready to Get Started?

Try out Duo Access for 30 days to get the full Trusted Access experience.