When it comes to remote access, users are increasingly logging into work applications from non–office networks. This is unsurprising, given the global trend toward a more distributed workforce.
Remote work is up — whether it‘s working from home or potentially other places, like coffee shops, airports, hotel rooms, planes, trains, etc. And that means your users need to be able to access work resources remotely to do their jobs — luckily, the cloud-–centric model of applications means they can log in wherever they have a web browser and internet.
With that convenience comes potential risks that anyone can remotely access your company‘s applications and data, if they‘re able to steal or guess a user‘s password (and if your systems aren‘t protected by multi–factor authentication). And this can be easily achieved via phishing attempts.
Two-Factor Authentication (2FA, or MFA) provides a mechanism to protect your assets and applications with a second authentication factor in addition to a password. The second factor provides an extra layer of defense in case a password is compromised. It is essential though, that this second factor is easy to use, and does not constitute a burden on your users.
When it comes to user authentication and 2FA, it is important to be as ‘SIMPLE’ as possible.
Duo Access helps you to reduce risk by enforcing precise policies and controls. Enable your team to define and enforce rules on who can access what applications — under what conditions. Define access policies by user group and per application to increase security without compromising end–user experience.
Once a user is identified as trusted, the device must pass the next check. Duo ensures the security health of your devices before they can reach your applications by ensuring they are up to date. Combining trusted users and trusted devices means total control over who and what has access.
Security starts with transparency. Duo gives you complete visibility into both managed and unmanaged devices that authenticate into your applications.
Duo also reports on the status of important security features of mobile devices, such as full disk encryption and rooted/jailbroken status.
Duo’s Device Insight collects and analyzes data about your devices, including software versions, enabled security features and jailbroken or rooted status so you can identify any risky devices before they become a problem.
Duo Beyond allows you to identify corporate vs. personal devices with easy certificate deployment, block untrusted endpoints, and give your users secure access to internal applications without using VPNs.
Duo‘s Trusted Endpoints feature lets you define and manage trusted endpoints and grant secure access to your organization‘s applications with device certificate verification policies.
Duo helps you distinguish between unmanaged endpoints and managed endpoints that access your browser–based applications. The Trusted Endpoints policy tracks whether clients accessing the applications have the Duo device certificate present, or can block access to various applications from systems without the Duo certificate.
Duo Beyond helps you to reduce risk by enforcing precise policies and controls. Enable your team to define and enforce rules on who can access what applications — under what conditions. Define access policies by user group and per application to increase security without compromising end–user experience. Learn more about Policy & Control. Know at a glance how many managed and unmanaged devices accessed your applications on the Device Insight page, and see the trusted status of any Endpoint.