How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
When our users are connecting to our Cisco VPN, Duo effectively ensures that they are who they say they are by taking a second factor into account, such as the cell phone that was used to create their profile. To do this, it sends them a second mode of authentication, such as a PIN or push confirmation. It also geo-locks who is allowed to actually log into our systems. We have it locked to the continental United States and Puerto Rico, and one outsourcing firm that we work with. Once you have it set up, all you really have to do is add people to a group in the active directory and send them the instructions on how to do it. If you have a lower technical user base, you may have to walk them through it. But once it's set up, it really is automatic. Not a single person from our IT staff really needed anything other than the instructions. Of the 15 people in our test group, nobody actually needed instructions on how to use it either — beyond what I just wrote up and sent them. As we get to the older population in our company, the less technical population, we're probably going to have to walk them through it or hold their hands a little bit. Within our organization, there are currently 15 employees using this solution. Eventually, we will have all 221 office staff users with it set up. Still, we'll probably top out at about 80 users a day. We will increase the overall usage as our users increase. So, if we hire another 10 people, then we'll buy another license.
Duo Security provides multi-factor authentication for anything that requires multi-factor authentication. It could be our internal corporate services, such as a single sign-on portal, or applications, such as Google Cloud.
We are using it for perimeter protection.
We use Duo Security to access databases, which are in the cloud. It's two-factor authentication mostly.
In my job, we are using the 365 cloud service and there is a VPN solution. We are providing solutions to other enterprise-level customers, like banks. We do not require much cloud-based security because many clients need to have solutions on-premises. We already use RSA (Rivest, Shamir, and Adelman data security). We wanted to try to add some other cloud security options for the VPN and so we tried this product.
I am VP of product in our company and we are a customer of Duo Security.
What are the pros and cons of each?