They wanted to be known as the site where millions of people found a great job, not the site where millions of people’s private information was stolen.
As the leading pay-for-performance recruitment advertising network, this global job site drives millions of targeted applicants to jobs in more than 50 countries, and is a source of high quality candidates for thousands of companies.
With an expanding number of employees and a growing public presence, security was becoming a pivotal issue. Every time they opened the pages of the Wall Street Journal, there was another story about a major security breach. So the VP of Operations made the decision to “…lock down the access points into the company.” They wanted to be known as the site where millions of people found a great job, not the site where millions of people’s private information was stolen.
Stakeholders were in agreement that their system needed to be protected with security stronger than passwords. So they began looking at two-factor authentication (2FA) solutions, including Google Authenticator with OpenVPN, and traditional token-based two-factor authentication from RSA. Some were familiar with RSA’s token-based system, and were concerned that adding a second layer of authentication would discourage people from using the VPN. For ease of use, they began looking at two-factor for their Cisco SSL VPN that could be integrated with their user’s smartphones.
From testing to full deployment in 4 hours
Duo Security two-factor authentication was on the radar of the person who leads their security group. He brought it to the team and suggested they give Duo a try. With strong authentication, a user-friendly interface, an affordable price structure and no long-term commitments, Duo moved to the top of their short list.
The VP of Operations remembers his initial interaction with Duo, “I think I talked with Duo for maybe five minutes before I gave them the credit card. That part was easy -- we got it done. It was a very point-and-click type of situation.” In tests, they discovered that Duo integrated seamlessly with applications they used every day, particularly the Jira project management system and other Atlassian products.
After initial testing with a couple of users, they called Duo to set up an account for 400 engineers and others who used the VPN regularly. Using Duo’s user self-enrollment feature, they were able to progress from testing to integration, then to full deployment to 400 users in under four hours. The VP of Operations, who had experience setting up an RSA two-factor solution said, “Compared to RSA the implementation of Duo was a no-brainer. We really enjoyed that.” In fact, deployment went so smoothly that they immediately began rolling out Duo two-factor authentication to everyone in the company — more than 800 people.
"With Duo, everything just works."
After deployment, things were quiet on the helpline. Things were so quiet that at first the IT team thought something might be wrong with the system. As the VP of Operations tells it, “We are not getting a whole lot of IT calls, which is great. So our costs for support of the Duo 2FA solution are surprisingly low. Definitely lower than token-based solutions I have used in the past. I was expecting more calls when we deployed Duo. And when no calls came in, I thought, nobody’s using it, and they’re so annoyed and they’re not calling in. But people were logging in, they were using it and it wasn’t a problem. With Duo, everything just works.”
“In my world, a vendor is doing a great job if I don’t have to think about them on a daily basis. That is what happened with Duo. Now we definitely look for all of our vendors to meet the bar Duo set. We want what we purchase from them to work so well we don’t have to think about them.”