Friday, 2 November 2018

Secure Access to Any Application With Duo Security

Over the past decade, several trends have broadly influenced the way businesses provide users access to applications and services. These trends include the wide adoption of:

◈ Mobile devices
◈ Cloud services (SaaS and IaaS)
◈ Accessing applications from anywhere

As businesses have transformed to a multi-cloud approach, users now have 24×7 access to business applications using any device, from any location. This approach has significantly increased productivity and business agility.

During this same time, business risk has increased as the volume of security incidents has skyrocketed. The result has been major impacts on brand reputation and increased costs in the management and remediation of security incidents. Meanwhile, attackers have developed more sophisticated methods of attack, although many older methods used today (like social engineering, phishing and stolen passwords) still prove effective.

Over the past five years, the Verizon Data Breach Investigations Report has shown credential theft as the most common factor of a breach. In the 2018 report, Verizon reported the number one action involved in a breach was the use of stolen credentials.

When we look back at the legacy solutions that were previously available to protect against credential theft, products such as RSA SecurID, Vasco and Safenet come to mind. These legacy solutions are known for introducing friction into the end user workflow. They’re seen as being overbearing for the end user, costly to manage, difficult to deploy and integrate with distributed multi-cloud environments. These are not attributes you want in a solution you’re trusting to secure access to critical applications and data.

When Duo Security started, our mission was – and still is – to democratize security by focusing on mitigating and reducing the risk of credential theft in a way that is easy and intuitive for the end user; easy for admins to deploy and manage – while easily protecting any application. We do this by verifying the trust of the user and the device at the time of access – the moment when a user attempts to access a business application. And we apply the same level of protection to all applications, whether they’re hosted in the cloud or on-premises.

It’s a three-prong, unified approach to secure access:

Verify User Trust


Cisco Study Material, Cisco Guides, Cisco Learning, Cisco Tutorial and Material, Cisco Security

Duo verifies the trust of a user by sending a push notification to the user’s mobile device for one-tap approval and login, after the user completes primary authentication (username and password). For more sensitive applications, Duo can apply adaptive authentication controls and policies to establish a higher level of trust. This can include the user’s location, mobile biometrics such as TouchID and FaceID, as well as many other factors.

Verify Device Trust


Cisco Study Material, Cisco Guides, Cisco Learning, Cisco Tutorial and Material, Cisco Security

Duo also verifies the trust of a user’s device by ensuring the device is up to date and adheres to an organization’s security policies before granting access. When a device is up to date, the risk of a device being compromised is significantly reduced. For higher risk applications, Duo allows for stronger controls, such as only allowing company-managed devices to gain access.

Secure Any Application


Cisco Study Material, Cisco Guides, Cisco Learning, Cisco Tutorial and Material, Cisco Security

Duo extends the ability to verify the trust of the user and device to protect any application – in the cloud or on-premises – and supports the ability to apply these security controls to multi-cloud environments including SaaS, IaaS, VPN, Remote Access, Privileged Access, and other core business applications.

Duo’s ability to focus on the user experience while aligning with industry trends such as the broad adoption of mobile devices and cloud services puts Duo in a unique position to enable business agility by providing secure, frictionless access to any application, from anywhere, while significantly reducing the risk of a breach.

Related Posts

1 comment: