Duo Security’s

Two-Factor Authentication
Evaluation Guide
What to look for when assessing and comparing
two-factor authentication solutions
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Two-factor authentication
is the simplest, most effective
way to make sure users really
are who they say they are.
It protects your applications and data against unauthorized But, not every two-factor solution is the same. Some vendors

Over 80% of access due to credential theft by verifying your users’

identities before they access your data. Using a device, like
only provide the bare minimum needed to meet compliance
requirements – and lots of hidden costs required for deployment,

hacking-related a smartphone, prevents attackers from remotely accessing

your networks, servers and on-premises and cloud applications
operation and maintenance. Plus, many traditional solutions
are clunky, error-prone and require extensive user training and

breaches protected only with a password. support – costing your employees time and productivity.

leveraged weak, IN THIS GUIDE, YOU’LL GET:

default or stolen ++ A
 comprehensive set of criteria to customize your evaluation to your organization’s needs

passwords.
++ An overview of the hidden costs of a two‑factor solution and how to determine your return on investment (ROI)

++ What to look for to ensure your solution can protect against the risk of a data breach

++ A list of resources needed to deploy, provision and integrate your solution

—V ERIZON 2017 DATA BREACH
INVESTIGATIONS REPORT­ ++ An overview of the different strategic business initiatives, and how your solution fits into them

1
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Consider the following criteria when evaluating

different two-factor authentication solutions:

Security Impact Strategic Business Total Cost of

Can your solution protect against Initiatives Ownership
threats and provide visibility into Is your solution compatible with Does your solution provide more
your environment? How effectively other business initiatives? Does it upfront value, or more hidden
does the solution reduce the risk fulfill compliance requirements? costs to your organization?
of a data breach?

Time to Value Required Resources

How quickly can you get the What kind of resources
solution up and running in are required to deploy and
your environment? provision users? Is the solution
architected to reduce ongoing
administration tasks?

2
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Security Impact
The most critical security aspects of an authentication solution are 1) effectiveness against threats related to credential theft, and
2) underlying security and reliability. The primary goal is to reduce the risk of a data breach to your organization. If a solution is
easily bypassed or doesn’t provide comprehensive protection, it’s not worth implementing (at any cost!).

Secure Everything, Everywhere

FOCUS ON REMOTE LOGINS SECURE SENSITIVE DATA DETECT COMPROMISED DEVICES
Before you implement a new security solution, take full Check that the solution allows you to create advanced policies Consider a solution that offers more advanced detection and
inventory of your organization’s applications, networks and data and controls that you can apply to environments with sensitive protection from compromised devices – whether laptops,
that can be accessed remotely. data – whether it is Internet-accessible or on your private desktops, or mobile devices.
network. Examples include:
If you can log into it over the Internet, you should protect it with Check that the solution doesn’t require an agent to run on every
more than just a username and password! Ensure your solution ++ Define how users access sensitive systems, such as servers device, which can compromise user privacy.
can integrate with any custom software, VPNs, cloud-based containing financial data
applications and devices.
++ Set a stricter policy for servers with customer payment data
vs. public file servers

If you can log into it over the Internet, you should

protect it with more than a username and password.
3
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Policies and Controls Flexibility Visibility

An advanced two-factor authentication solution lets It’s expensive to rip and replace a solution, so choose one that Ask your provider if your solution gives you insight into your
administrators define rules based on users, groups, devices, can grow to support new users, integrations and devices – no users and their devices used to access your organization’s apps
networks and applications. Examples include: matter where they are, including on-premises and in the cloud. and data. An advanced authentication solution should give you
an at-a-glance picture of your security profile, letting you take
++ Create a policy that requires admins and IT staff to perform Check that your provider offers different authentication
action to protect against known vulnerabilities.
two factor every time they log in to protect privileged access methods, including smartphone apps, phone callback, SMS
passcodes and hardware tokens to fit every user’s need. Ensure your solution comes with detailed logs about your users,
++ Require less privileged users to authenticate less often
administrators and telephony so you can create custom reports,
when using the same device

++ Block login attempts from foreign countries you don’t do

Availability ideal for security analysts and compliance auditors.

Choose a solution that gives you visibility into authentication

business in, and block access from anonymous networks, A security solution is only as valuable as it is available, and
attempts, including data on IP addresses, anonymous networks,
like Tor resilient against security incidents and downtime. A cloud-
blacklisted countries and more – useful for determining where
based two-factor provider should maintain their solution
and when certain attacks may occur.
While traditional solutions such as firewalls and intrusion independent from your systems. That way, even if you’re
prevention systems (IPS) can do this, they’re typically limited to breached, access to your applications is still securely managed
protecting your on-premises data center. by your provider.

But by focusing only on the local network perimeter, these To protect against downtime, your provider’s service should
solutions leave many security gaps and zero coverage for be distributed across multiple geographic regions, providers
cloud applications. and power grids for seamless failover. Reliable vendors
should demonstrate 99.995% uptime, guaranteed by strong
service level agreements (SLA).

Check that your provider offers different

authentication methods to fit every user’s need.
4
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Strategic Business Initiatives

When evaluating a new security solution, consider how it may integrate with ongoing or future business initiatives, including
Bring Your Own Device (BYOD), mobile enablement or the adoption of cloud applications. Other business drivers to consider
include compliance regulation requirements, which vary by industry.

Cloud Adoption Bring Your Own Device Mobile-First

Today, most of your applications and servers might be Many organizations are considering or already allowing Are your employees accessing data and using mobile
on‑premises, but some may migrate to the cloud in the near employees to use their personal computers, smartphones, devices for work? If so, you’ll want to make sure that your
future. Check that the authentication solution can easily and tablets to get work done. When evaluating authentication authentication solution is also “mobile-first.”
integrate with your cloud applications. solutions, be sure to consider how compatible they are with
Check that your authentication solution provides a mobile app
your BYOD environment.
Additionally, if you’re moving away from managing software and that works with all of the different types of mobile devices used
hardware on-premises, then you should consider adopting a Can users use their own devices to complete by your employees, including iOS, Android, Blackberry and
cloud-based authentication solution that can scale as needed. authentication? This eliminates the need to carry around Windows Phone. For flexibility, ensure the solution works with
an extra device for authentication, allowing employees to other phone-based methods, like SMS and phone callback.
Make sure your authentication solution protects what’s
conveniently use their smartphones.
important both today and in the future. If it’s not easy to use, your users won’t use it – evaluate the
Can your authentication solution detect potential usability of your mobile app, for both your users (enrollment,
vulnerabilities and threats to your environment? Ask your activation and daily authentication) and administrators
provider how you can get greater visibility and control into your (user and solution management).
cloud and mobile environment, without the need to download an
extra agent on personal devices.

If it’s not easy to use, your users won’t use it.

5
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Logging & Reporting Validation & Compliance

Ensure your solution comes with detailed logs about your users’ If you deal with any type of sensitive data, like
activity so you can create custom reports, ideal for security personally identifiable data (PII), protected health
analysis and compliance auditors. information (PHI), customer payment data, etc., you
need to ensure your two-factor solution can meet any
Armed with details about jailbroken statuses, patch levels,
compliance regulation requirements.
browsers and more, you can also take action to prevent opening
your network up to known vulnerabilities. Additionally, your two-factor provider must be able to provide
an up-to-date proof of compliance report for your auditors. Ask
Logging also gives you insight into any user behavior anomalies
your provider if their company and solution is audited annually
or geo-impossible logins – if your user logs in from one location,
or regularly by an independent third-party auditor.
and then logs in from another location around the world, your
security team will know. Check that the vendor’s cloud-based service uses PCI
DSS (Payment Card Industry Data Security Solution), ISO
(International Organization for Standardization) 270001
and SOC (Service Organization Controls) 2 compliant
service providers.

Remember, It only takes one weak link in the security chain of

contractors for a breach to affect your organization.

Remember, it only takes one weak link in the security chain

for a breach to affect your organization.
6
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Total Cost of Ownership

The total cost of ownership (TCO) includes all direct and indirect costs of owning a product – for a two-factor solution, that may include
hidden costs, such as upfront, capital, licensing, support, maintenance, operating and many other unforeseen expenses over time.

How can you be sure you’re getting the best security return on your investment? Consider:

Upfront Costs
See if your vendor’s purchasing model requires that you pay per
AUTHENTICATORS HIGH AVAILABILITY CONFIGURATION
device, user or integration – this is important if your company
Do you have to purchase dedicated end-user devices? While Is this also included in your software license? By setting
plans to add new applications or services in the future. Estimate
tokens can add up, a mobile authentication app is typically free up duplicate instances of your software and connecting
how much it will cost to deploy two-factor authentication to all
for any number of users. a load balancer with the primary instance, you can end
of your apps and users.
up tripling your software costs. Setting up a redundant or
DATA CENTER COSTS disaster recovery configuration can also increase costs
ADMINISTRATIVE SOFTWARE/HARDWARE
Do you have to purchase servers? Server hosting costs can significantly, and some vendors charge additional licenses for
Is this included in the software license? Additional
add up: power, HVAC (heating, cooling and air conditioning), business continuity.
management software is often required – without this,
physical security, personnel, etc. A cloud‑based vendor will
customers can’t deploy two factor.
cover those costs.

Look for vendors with simple subscription models,

priced per user, with flexible contract times.
7
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Deployment Fees Ongoing Costs

DEPLOYMENT & CONFIGURATION PATCHES, MAINTENANCE & UPGRADES ADMINISTRATIVE MAINTENANCE
Find out if you can deploy the solution using your in-house Annual maintenance can raise software and hardware Consider the costs of employing full-time personnel to maintain
resources, or if it will require more resources and time to install, costs, as customers must pay for ongoing upgrades, your two-factor solution. Does your provider maintain the
test and troubleshoot integration. patches and support. solution in-house, or is it up to you to hire experts to manage it?

It’s often the responsibility of the customer to search for new Estimate how long it takes to complete routine administrative
END USER ENROLLMENT
patches from the vendor and apply them. Look for a vendor tasks – is it easy to add new users, revoke credentials or
Estimate how long it will take each user to enroll, and if it
that automatically updates the software for security and other replace tokens? Routine tasks, like managing users, should
requires any additional administrative training and helpdesk
critical updates, saving the cost of hiring a team. be simple – sign up for a trial and take it for a test run before
time. Look for an intuitive end user experience and simple
deploying it to all of your users.
One of the benefits of cloud-hosted services is that
enrollment process that doesn’t require training. Token-based
servers, maintenance and monitoring are covered by the
solutions are often more expensive to distribute and manage
SUPPORT & HELP DESK
provider’s network and security engineers, lightening the load
than they are to buy.
Live support via email, chat, and/or phone should also be
for your team.
included in your vendor’s service – but sometimes support
ADMINISTRATOR SUPPORT Depending on your solution, you may have to manually
costs extra. Consider how much time is required to support
To make it easy on your administrators, look for drop-in upgrade to the latest version. Some vendors may only update
your end users and help-desk staff, including troubleshooting
integrations for major apps, including APIs, to cut time and a few times a year, which can leave you susceptible to new
time. For enterprises with large IT departments, it’s not
resources needed for implementation. See if you can set vulnerabilities and exploits. Choose a vendor that updates often,
uncommon for help desk tickets related to tokens to account
up a pilot program for testing and user feedback – simple and rolls out automatic updates without any assistance from
for 25 percent of the overall IT support workload.
integrations should take no longer than 15 minutes. your team.
If a solution requires extensive support from your IT or
infrastructure teams, will you get charged for the time spent
supporting your on-premises two-factor solution? Estimate that
cost and factor it into your budget.
Token-related help desk tickets can
account for 25% of the IT support workload.
8
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Modern Solutions
High value, upfront costs

++ Simple subscription model ++ Administrative panel included

++ Free authentication mobile app ++ User self-service portal included

++ No fees to add new users or apps ++ Device insight

++ No data center/server maintenance ++ User, device and application access policies
and controls
++ High availability configuration
++ Single sign-on (SSO) and cloud support
++ Automatic security and app updates

NO HIDDEN COSTS

Traditional Solutions MANY HIDDEN COSTS

Potentially low upfront costs, not much value

LOTS OF HIDDEN COSTS:

−− Additional cost to add new apps or users

−− Administrative software/hardware

−− Authenticators – tokens, USB, etc.

−− Data center & server maintenance

−− High availability configuration

−− Administrative support

−− Patches, maintenance & upgrades

−− Help desk support

9
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Time to Value
Time to value, or time to security, refers to the time spent implementing, deploying, and adapting to the solution. Determine how
long it takes before your company can start realizing the security benefits of a two-factor authentication solution – particularly
important after a recent breach or security incident.

Proof of Concept Deployment Onboarding & Training Users

Setting up a two-factor pilot program lets you test your solution Walk through likely implementation scenarios so you can A vendor’s enrollment process is often a major time sink for IT
across a small group of users, giving you the ability to gather estimate the time and costs associated with provisioning administrators – make sure you walk through the entire process
valuable feedback on what works and what doesn’t before your user base. Cloud-based services provide the fastest to identify any potential issues.
deploying it to your entire organization. deployment times since they don’t require hardware or software
For enterprises, bulk enrollment may be a more time-efficient
installation, while on-premises solutions tend to take more time
way to sign up a large amount of users. To support your
and resources to get up and running.
cloud apps, ensure your two-factor solution lets you quickly
Most security professionals don’t have time to write their provision new users for cloud apps by using existing on-
own integration code. Choose a vendor that supplies drop‑in premises credentials.
integrations for all major cloud apps, VPNs, Unix and
See if the solution requires hardware or software for each user,
MS remote access points. You’ll also want to look for a vendor
or time-consuming user training. Token deployment can require
that enables you to automate functionality and export logs in
a dedicated resource, but easy self-enrollment eliminates the
Cloud-based services real time.
need to manually provision tokens.

deploy faster since they Also, to save on Single Sign-On (SSO) integration time, check
that your two-factor solution supports the Security Assertion
With a mobile cloud-based solution, users can quickly
download the app themselves onto their devices. A solution that
don’t require hardware Markup Language (SAML) authentication standard that
delegates authentication from a service provider or application
allows your users to download, enroll and manage their own

or software installation. to an identity provider.

authentication devices using only a web browser can also save
your deployment team’s time.

10
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Required Resources
Consider the time, personnel and other resources required to integrate your applications, manage users and devices, and maintain/
monitor your solution. Ask your provider what they cover, and where you need to fill in the gaps.

Application Support User & Device Management Maintenance

Some two-factor solutions require more time and personnel Like any good security tool, your two-factor solution should Make sure that your solution requires minimal ongoing
to integrate with your applications, whether on-premises or give administrators the power they need to support users and maintenance and management for lower operating costs –
cloud‑based. devices with minimal hassle. cloud-hosted solutions are ideal since the vendor handles
infrastructure, upgrades and maintenance.
Check that they provide extensive documentation, as well as Look for a solution with a centralized administrative dashboard
APIs and SDKs so you can easily implement the solution into for a consolidated view of your two-factor deployments, and Can you use your existing staff to deploy and maintain this
every application that your organization relies on. enables admins to: solution, or will you need to hire more personnel or contractors
to do the job? Ask your vendor if monitoring or logging is
++ Easily generate bypass codes for users that forget or lost
included in the solution.
their phones
A solution that requires many additional resources to adapt and
++ Add and revoke credentials as needed, without the need to
scale may not be worth the cost and time. Evaluate whether
provision and manage physical tokens
your solution allows you to easily add new applications or
Ask your provider if they offer a self-service portal that allows change security policies as your company needs evolve.
users to manage their own accounts, add or delete devices, and
other simple tasks.

Can your staff deploy and maintain the solution, or will

you need to hire more personnel or contractors?
11
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

The Duo Advantage

Duo Security’s two-factor solution combines intuitive usability with advanced security features to protect against the latest attack
methods and to provide a frictionless authentication experience.

Security Impact TRUSTED DEVICES (BYOD SECURITY) SECURE EVERY APPLICATION

Bring Your Own Device (BYOD) introduces risks associated to To secure every type of application, Duo’s solution easily and
trusting your users’ devices. Duo checks the security health of quickly integrates with virtual private networks (VPNs) and remote
TRUSTED USERS
your devices before they access your applications, giving you access gateways like CA SiteMinder, Juniper, Cisco, Palo Alto
Duo verifies the identity of your users, protecting against
complete visibility into both corporate and personal devices. Networks, Citrix and more; enterprise cloud apps like Microsoft
phishing with an advanced two-factor authentication solution,
With Duo’s device access policies, you can also enforce strong O365, Salesforce, Google Apps, AWS and Box; and on-premises
Trusted Access. Duo’s contextual user access policies
access policies based on certificates, device versions and and web apps like Epic, Splunk, Confluence, Shibboleth and
let you create custom controls to further protect access to
security configurations. Learn more about Trusted Devices. more. Duo provides APIs and client libraries for everything else,
your applications based on type of users, devices and apps.
including your custom and proprietary software.
Duo also offers a phishing simulation tool to help you assess
employee risk. Learn more about Trusted Users. With Duo’s secure single sign-on (SSO), you can leverage your
existing identity provider for faster provisioning and improved
accuracy. Allow your users to log in just once to securely
access cloud and on-premises applications. Learn more about
Every Application.

Duo verifies the identity of your users with two-factor

authentication, and the security health of their devices
before they connect to your applications.
12
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Security Impact
(continued)
AVAILABILITY VISIBILITY
Duo protects against downtime, ensuring high availability with With Duo’s Device Insight, IT admins can gain insight into the
FLEXIBILITY
distribution across multiple geographic regions, providers security posture of both corporate and personal devices used
As a cloud-based solution, it’s easy to provision new users and
and power grids for seamless failover. Duo ensures an uptime to connect to company applications and services, without the
protect new applications with Duo as your company grows,
exceeding 99.995% with a hard service level guarantee, with use of agents.
since there are no limits or additional charges per application.
premium private hosting available. Duo’s servers are hosted
Duo’s solution also provides detailed security logs that track
Easily onboard new users with Duo’s self-enrollment, bulk
across independent PCI DSS and ISO 27001-certified and
events related to users, administrators and telephony activity,
enrollment or Active Directory synchronization options. Learn
SSAE 16-audited service providers with strong physical security
you can quickly create custom reports, ideal for security
about User Provisioning.
to ensure your service is always available.
analysis and compliance auditors. Learn more about Reporting.

Duo gives you insight into the security posture of both

corporate and personal devices used to connect to
company applications and services.
13
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Strategic Business Initiatives

CLOUD ADOPTION MOBILE-FIRST VALIDATION AND COMPLIANCE
As a cloud-based solution, Duo’s two factor doesn’t require any As an authentication app, Duo was built to enable the Duo’s full-time security team is experienced in running
hardware or software to install or manage, and it’s easy to scale use of mobile devices in the workforce. Duo Push allows large‑scale systems security, and is comprised of the top
with your growing users and applications. Duo also supports users to conveniently approve two-factor authentication mobile, app and network security experts. Duo’s operational
SAML (Security Assertion Markup Language) cloud apps via requests via their mobile phones as an alternative to carrying processes are SOC 2 compliant. Duo’s two‑factor
secure single sign-on, including Google Apps, Amazon Web security tokens. authentication cryptographic algorithms are also validated by
Services, Box, Salesforce and Microsoft Office 365. NIST and FIPS.
LOGGING AND REPORTING
Duo Push satisfies Electronic Prescription of Controlled
WORKFORCE PRODUCTIVITY Duo’s detailed user, administrator and telephony security logs
Substance (EPCS) requirements for two-factor authentication
Duo provides a better end user experience for accessing can be easily imported into a security information and event
in the healthcare industry, while Duo’s one-time passcodes
applications by reducing workflow friction and increasing management (SIEM) tool for log analysis, or viewed via
meet FIPS 140-2 compliance for government agencies. Learn
workplace productivity. Duo’s single sign-on (SSO) solution Duo’s Admin API for real-time log access.
more about Duo’s Security & Reliability.
allows your users to log in just once to securely access multiple
cloud and internal applications.

BRING YOUR OWN DEVICE (BYOD) SECURITY

Duo’s mobile authentication app, Duo Mobile is BYOD‑friendly
and can be used on many different devices, with no additional
hardware required. Users can download the free app on
their personal device without the use of an agent, ensuring
user privacy.

Duo’s security team includes some of the world’s foremost

experts in modern mobile, application and network security
research and technologies.
14
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Total Cost of Ownership (TCO)

While traditional security products require on-premises software or hardware hosted in a data center, Duo offers security in a
software as a service (SaaS) model through a cloud-based platform.

With Duo’s two factor, you get the most upfront value with no hidden costs, including: BUDGET CONSOLIDATION
++ A simple subscription model priced per user, billed annually, ++ Automatic application updates, with patch management, With Duo, you can replace the need for multiple different
with no extra fees for new devices or applications maintenance and live support at no extra cost hardware and software security solutions that solve for isolated
use cases, like authentication, network access control, endpoint
++ A free authentication mobile app that users can download ++ Advanced features that let you customize policies and
security, vulnerability assessment tools, etc. with a single cloud
themselves controls, as well as get device data
service that provides two-factor authentication, device insight,
++ A high availability configuration, disaster recovery and data ++ A secure single sign-on (SSO) and authentication solution
single sign-on and endpoint policies and controls.
center management in one
Duo’s Trusted Access solution provides a comprehensive
++ Easy deployment with the help of Duo’s drop‑in integrations
security platform that eliminates the need ­— and budget —
for all major apps and APIs, and an administrative panel for
for many disparate security tools that may prove difficult to
user and solution management
fully integrate.
Other solutions may appear to come with a lower price tag, but the layers of hidden costs can add up fast, quickly
tripling TCO and offering less value overall.

Other solutions may appear to come with a lower price tag, but
the layers of hidden costs can add up fast, rapidly tripling TCO
and offering less value overall.
15
INTRODUCTION SECURITY IMPACT STRATEGIC INITIATIVES COST OF OWNERSHIP TIME TO VALUE REQUIRED RESOURCES THE DUO ADVANTAGE

Time to Value Required Resources Dedicated, Responsive

Support
PROOF OF CONCEPT APPLICATION SUPPORT
To answer your questions before, during and after your Duo
Duo lets you try before you buy, helping you set up pilot Duo integrates easily with your on-premises or cloud‑based
deployment, you can count on our fully staffed, in-house
programs before deploying it to your entire organization, with applications, with no need for extra hardware, software or
Duo Support team.
extensive documentation and knowledge articles to help guide agents. Duo’s extensive documentation, APIs and SDKs makes
you through the evaluation stage. View Duo’s documentation. for seamless implementation, reducing the need for a dedicated Our responsive support team members have the security
IT or security team. expertise to quickly assist you with any specific integration
DEPLOYMENT needs. Duo’s customer support service is included with your
For faster and easier deployment, Duo provides drop‑in USER & DEVICE MANAGEMENT solution at no extra charge, with no support contracts required.
integrations for all major cloud apps, VPNs, UNIX Duo’s administrative panel allows admins to support users
In addition, we offer extensive knowledge base articles to help
and MS remote access points, as well as support for and devices using one centralized dashboard. Log into the
troubleshoot and quickly fix known issues. Our end-user guide
web SDK and APIs. Quickly provision new users with web-based portal to manage user accounts and devices,
and detailed documentation are frequently updated and helpful
bulk enrollment, self-enrollment, Microsoft Active Directory generate bypass codes, add phones to users and more. Duo’s
resources available on Duo.com.
synchronization, or with the use of Duo Access Gateway for self-service portal enables users to manage their own devices,
For more advanced deployments and specific SLA
cloud-based applications. reducing administrative support time for simple tasks.
requirements, we offer Duo Care, a premium customer success
and support service with extended coverage and a dedicated
ONBOARDING & TRAINING USERS MAINTENANCE
Customer Success team.
Duo’s authentication app, Duo Mobile allows users to As a cloud-hosted solution, Duo covers the infrastructure and
quickly download the app onto their devices, while a maintenance, letting you focus on your core business objectives. The Duo Customer Success team equips you with everything
self-service portal also lets users manage their own accounts Since security and other updates are rolled out frequently and you need to roll out your Duo deployment, including a
and devices via an easy web-based login, reducing help desk automatically to patch for the latest vulnerabilities, you don’t need customized launch kit to help with security policies, user
tickets and support time. to hire a dedicated team to manage the solution. Duo’s solution training, solution architecture design, and more.
is flexible enough to scale quickly, letting you easily add new
applications, users or change security policies as needed.

Duo is flexible enough to scale quickly, letting you easily add new
apps, users, or change security policies as you grow.
16
“Duo increased our security
and was an easy tool to deploy;
every organization should
consider it immediately.”
Chad Spiers
Director of Information Security, Sentara Healthcare

Experience advanced two-factor authentication, endpoint visibility,

custom user policies and more with your free 30 day trial.

Duo Security makes security painless, so you can focus on what’s important. Duo’s scalable, cloud-based
Trusted Access platform addresses security threats before they become a problem, by verifying the identity
of your users and the health of their devices before they connect to the applications you want them to access.

Thousands of organizations worldwide use Duo, including Dresser-Rand Group, Etsy, Facebook, K-Swiss,
Paramount Pictures, Random House, SuddenLink, Toyota, Twitter, Yelp, Zillow, and more. Duo is backed by
Google Ventures, True Ventures, Radar Partners, Redpoint Ventures and Benchmark. Duo is located from
coast to coast and across the sea.

The Most Loved

Company in Security duo.com