Over the past 5 years, the use of multifactor authentication (MFA) solutions has tripled to 78% in 2021⁽¹⁾. However, there are still companies that fear that MFA applications will affect the employee experience.

To diminish this type of withholding, as well in terms of complexity and cost issues, Datanet Systems recently hosted a webinar that presented a series of best practices of Cisco Duo’s configuration and customization to cover a wide range of working scenarios.

Cisco Duo has been a market leader in Multi Factor Authentification⁽²⁾ solutions, solutions for several years in a row, and in 2021 received the “Gartner Peer Insights Customers’ Choice” award upon the users’ evaluation. It is an easy-to-manage solution because it includes multiple integration and automation options and offers a flexible licensing system.

 

How to use Cisco Duo

 

Essentially, Cisco Duo is a multi-factor authentication solution that verifies and authenticates the equipment used by employees of a company/organization. It is a critical tool for securing access to resources and creating access policies for the applications they use. But Duo is more than just an MFA solution, as it enables companies to validate the identity of users with multiple authentication methods – from SMS and tokens to biometrics. Additionally, the solution provides extended visibility into the terminal devices, verifying at the time of authentication the compliance of the device with the security policy defined by the administrator. Following this verification, by integrating with other solutions, the system can generate automatic prevention, blocking, and/or remedial actions, before giving the device access to the company’s IT resources. Here is a concrete example presented during the webinar:

 ”Cisco Duo provides real-time information about the update level of the operating system on a particular device, the security applications running on that device, the use of encrypted data storage, and so on. Based on this information, administrators can create policies by which access is strictly controlled – for example, they can create specific rules by user groups, defining which applications are allowed, and under what conditions“, explained Cristian Marinescu, Presales C0nsultant at Datanet Systems.

To best show the Duo platform’s efficiency and ease of use application, the Datanet’ specialist presented in detail how the process of enrolling a new user can be done in less than 5 minutes, by synchronizing the MFA application with Active Directory.

Another element of interest presented was the integration of Duo with Cisco Secure Endpoint, which allows the creation of policies that automatically block users’ access to applications when compromised equipment is detected. The method is especially effective in limiting the spread of ever-increasing ransomware threats – LockBit, for example, takes less than 6 minutes to encrypt 100,000 files.

 

Webinar and demo video registration

 

During the demo session, Cristian Marinescu detailed the use cases in which new users are added to Duo, how to secure access to applications, and the methods by which specific policies can be defined by user categories, as well as several scenarios for remote work and activation of “Self-service endpoint remediation” functionalities.

The demonstration made by the Datanet specialist can be viewed by accessing the full registration of the webinar „Enhanced protection with Cisco Duo multifactor authentication“

 

Duo is one of the main components of the Zero Trust architectural model proposed by Cisco, which also includes Secure Endpoints, Umbrella, AnyConnect, and Secure Firewall applications. (Details on how Cisco solutions work in an integrated security architecture are available here.)

For more technical information about the Duo, as well as other solutions in the Cisco security portfolio, you can contact us at sales@datanets.ro.

______________________

1 – Duo Labs Report: 2021 State of the Auth – Experiences and Perceptions of Multi-Factor Authentication

2 –The Forrester Wave: Zero Trust eXtended Ecosystem Platform Providers