Duo Security Review

Multifactor authentication keeps employees safe from phishing scams

What is our primary use case?

This solution provides MFA (Multifactor authentication) to protect access to the ERP system for a diverse population of employees at a public higher-education institution.

How has it helped my organization?

By deploying Duo, we have virtually eliminated the risk of direct deposit redirection as a result of credentials that have been compromised via phishing.

What is most valuable?

The feature that we find most valuable is Duo's ability to provide MFA via mechanisms that do not require a smartphone. We have many users who either refuse or are unable to use a smartphone. Buying them hardware tokens is out of the question, as well. The availability of mechanisms that can achieve MFA, but do not rely on either of those two supplementary elements, is critical for our user population.

What needs improvement?

Reducing or eliminating the "telephony credits" system used by Duo would be great.  I recognize that they are meant to provide transparency around the cost of using what is supposed to be a limited-use feature set, but I would just rather have the ability to use unlimited telephony and roll that cost into the annual subscription.

For how long have I used the solution?

One to three years.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment