Skip navigation

Duo Security is now a part of Cisco

About Cisco


Protect Government Systems

Duo’s cloud-first secure access platform fuels your IT modernization journey by leveraging “zero trust” principles of identity, device, and application protection, while helping federal agencies and government customers mitigate the risk of data breaches.

Securing Government

Duo helps you comply with National Institute of Standards and Technology (NIST) regulations requiring federal agencies and contractors to use strong authentication controls to secure access to critical information systems and applications. Duo has achieved a FedRAMP In-Process designation at the FedRAMP Moderate Impact Level.

Stronger Authentication Controls

We verify the identities of your federal employees and contractors with one of the most secure and easy to use two-factor authentication methods, Duo Push, which offers authentication at an AAL2 assurance level. Duo’s trusted access solution helps you meet NIST 800-63-3 and 53/63/171 authentication requirements. Duo also helps contractors comply with the Defense Federal Acquisition Regulation Supplement (DFARS), which requires any managed service provider with a federal contract to implement strong authentication and access controls to protect controlled unclassified information.

Duo’s two-factor authentication can also help law enforcement agencies meet Criminal Justice Information Services (CJIS) security policy standards for Advanced Authentication (AA), as noted by standard

Complement PIV and CAC Access

For federal agencies that have invested in Personal Identity Verification (PIV) cards and Common Access Cards (CAC), Duo’s solution works with your existing PIV and CAC solution to provide stronger access security.

Duo is also a PIV/CAC alternative in use cases where access cards are not ideal or cannot be used.

Identify At-Risk Devices

In addition to verifying users’ identities, our solution checks the security health of every device authenticating into your environment, at the time of access, without using an agent.

Federal admins can use Duo to enforce stricter device access and application access policies, including blocking login requests based on location or anonymous networks, like Tor and VPN proxies.

Support Every Application

Duo’s trusted access solution ensures every application is protected by easily integrating with nearly every popular web, cloud and on-premises application, VPN, remote access gateway and more.

With Duo’s single sign-on (SSO), your users can securely access all of their agencies' cloud applications by logging into a web portal once, saving time and increasing productivity. Duo’s SSO is available through Duo Access Gateway, your connector to the cloud.

Trusted Access

Duo's trusted access solution ensures only trusted users and trusted devices can access protected applications.

This complete security solution prevents modern attackers that often target multiple areas - including credential theft and the exploitation of known software vulnerabilities affecting outdated software versions.

Aligns With CDM

Duo is approved by the Department of Homeland Security (DHS) and is listed on the Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). The CDM APL can be found at the General Services Administration's (GSA’s) CDM website.

Duo Federal Contracts & Partners

Duo is currently a participant in many federal contract vehicles for the convenience of our federal customers. Duo can assist customers by referring them to specific vehicles that will enable the purchase of Duo Security products. Please contact us through

  • “Duo enabled us to comply quickly with CJIS requirements, as well as better identify and manage our remote system users.”

    — Lt. David Hardy, ITSS Unit Commander, City of San Francisco
  • “Duo is easy to use. It provides the right amount of security without being intrusive in the productivity of our customers. Duo is also flexible and easy to setup and maintain from a technical standpoint.”

    — Victor Hopkins-LeCheminant, IT Architect, City of Whitehorse
  • “Ease of use allows users to access remotely and seamlessly.”

    — Lee Persohn, Attorney, Jim Wells County-District Attorney

Duo + Yubico

To secure access to critical information, FIPS Publication 140-2 requires federal agencies and contractors who routinely process, store, and transmit sensitive federal information to implement the strong authentication controls outlined by NIST.

The Duo platform leverages FIPS 140-2 validated (Overall Level 2, Physical Security Level 3) YubiKey hardware to provide strong two-factor authentication so end-users can securely access data and applications on the network or in the cloud. Our combined, leading edge MFA technologies deliver a joint solution so government agencies, contractors, and organizations meet the federal guidelines outlined in NIST 800-63-3 AAL3—the highest Authenticator Assurance Level.

The Path to IT Modernization: Protecting Government Systems

Cloud and mobile technologies have accelerated IT modernization efforts in federal agencies and government organizations. In this paper, we examine five steps agencies can take to better secure application access while satisfying modernization requirements.

Download Now

Ready to Get Started?

Try out Duo Access for 30 days to experience trusted access.