All Research
Executive View

Duo Security

Richard Hill
Duo Security provides a scalable multi-factor authentication solution that can support a small to enterprise-size user base. Duo Security focuses on reducing the complexity of user identity verification while monitoring the health of their devices before connecting them to the applications they use. Duo Security goes beyond 2FA with adaptive authentication, endpoint visibility, mobile security, SSO and phishing assessment.

1 Introduction

Authentication is at the heart of securing access to devices and systems. Once a digital identity and credential are established for a user, an authentication system will use that identity credential to validate the user before they can gain access to the applications or other resources they are attempting to use.

How well an identity credential can be trusted is measured by its Level of Assurance (LoA), which are the technologies and processes used in identity and credential creation. The LoA of user authentication can be increased by adding the number of authenticating factors used when logging into a device. For example, a single authenticating factor may be a password, which is something you know. To increase the LoA of that credential, you can add a second authenticating factor such as something you have like a mobile phone with a secure application installed that receives out of band push notification as verification. A third type of authenticating factor can verify a biometric aspect of who you are by using things like fingerprint readers, retina scanners or voice recognition applications to name a few of the most popular biometric verification methods. Using more than one authentication factor is what is known as Multi-Factor Authentication (MFA).

Using only a single factor such as a password is the weakest form authentication and is strongly discouraged from use when accessing more sensitive resources. By adding a second authenticating factor, you can significantly increase the assurance that a user is who they say they are. Two-Factor Authentication (2FA) can provide the LoA for most organizations authentication needs.

As organizations start to move from a perimeter-based security model to a perimeterless one, greater emphasis will be placed on what you know about the user and the devices they use. The vetting of users and their identity metadata are readily handled by well-established security guidelines reflected in an organization’s policies, process, and procedures, but knowing the state of user device has not been given as much attention. Gaining better insight into a user’s device is needed to reduce the risk of attacks through the vulnerabilities exposed by out-of-date versions of software, as an example.

Some desired features of a 2FA solution include:

  • Support for multiple types of authenticating form factor
  • Simple user onboarding process and user management
  • Easy to use administration functions and integration tools
  • User and device metric reporting
  • Security risk reduction capabilities
  • Ability to improve user experience through ease of use

Duo Security is a privately held company based in Ann Arbor, MI with offices in San Mateo, CA; Austin, TX and London, UK; employing over 500 team members. Founded in 2010, Duo Security has grown significantly, more than doubling their annual recurring revenue (ARR) for the last four years in a row. Their products are used by more than six million users in over 100 countries. Duo has over 10,000 customers using their products that include the finance, government, security, travel, consumer, TV/Mobile, and cloud technology sectors.

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Register
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use