Duo’s cloud-first secure access platform fuels your IT modernization journey by leveraging “zero trust” principles of identity, device, and application protection, while helping federal agencies and government customers mitigate the risk of data breaches.
Duo helps you comply with National Institute of Standards and Technology (NIST) regulations requiring federal agencies and contractors to use strong authentication controls to secure access to critical information systems and applications. Duo has achieved a FedRAMP In-Process designation at the FedRAMP Moderate Impact Level.
We verify the identities of your federal employees and contractors with one of the most secure and easy to use two-factor authentication methods, Duo Push, which offers authentication at an AAL2 assurance level. Duo’s trusted access solution helps you meet NIST 800-63-3 and 53/63/171 authentication requirements. Duo also helps contractors comply with the Defense Federal Acquisition Regulation Supplement (DFARS), which requires any managed service provider with a federal contract to implement strong authentication and access controls to protect controlled unclassified information.
Duo’s two-factor authentication can also help law enforcement agencies meet Criminal Justice Information Services (CJIS) security policy standards for Advanced Authentication (AA), as noted by standard 18.104.22.168.
For federal agencies that have invested in Personal Identity Verification (PIV) cards and Common Access Cards (CAC), Duo’s solution works with your existing PIV and CAC solution to provide stronger access security.
Duo is also a PIV/CAC alternative in use cases where access cards are not ideal or cannot be used.
In addition to verifying users’ identities, our solution checks the security health of every device authenticating into your environment, at the time of access, without using an agent.
Duo’s trusted access solution ensures every application is protected by easily integrating with nearly every popular web, cloud and on-premises application, VPN, remote access gateway and more.
With Duo’s single sign-on (SSO), your users can securely access all of their agencies' cloud applications by logging into a web portal once, saving time and increasing productivity. Duo’s SSO is available through Duo Access Gateway, your connector to the cloud.
Duo's trusted access solution ensures only trusted users and trusted devices can access protected applications.
This complete security solution prevents modern attackers that often target multiple areas - including credential theft and the exploitation of known software vulnerabilities affecting outdated software versions.
Duo is approved by the Department of Homeland Security (DHS) and is listed on the Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). The CDM APL can be found at the General Services Administration's (GSA’s) CDM website.
Duo is currently a participant in many federal contract vehicles for the convenience of our federal customers. Duo can assist customers by referring them to specific vehicles that will enable the purchase of Duo Security products. Please contact us through firstname.lastname@example.org.
“Duo enabled us to comply quickly with CJIS requirements, as well as better identify and manage our remote system users.”
“Duo is easy to use. It provides the right amount of security without being intrusive in the productivity of our customers. Duo is also flexible and easy to setup and maintain from a technical standpoint.”
“Ease of use allows users to access remotely and seamlessly.”
To secure access to critical information, FIPS Publication 140-2 requires federal agencies and contractors who routinely process, store, and transmit sensitive federal information to implement the strong authentication controls outlined by NIST.
The Duo platform leverages FIPS 140-2 validated (Overall Level 2, Physical Security Level 3) YubiKey hardware to provide strong two-factor authentication so end-users can securely access data and applications on the network or in the cloud. Our combined, leading edge MFA technologies deliver a joint solution so government agencies, contractors, and organizations meet the federal guidelines outlined in NIST 800-63-3 AAL3—the highest Authenticator Assurance Level.