Passwords have long been used as the primary form of online account security. However, as the internet becomes more sophisticated, so too have hackers. A password is no longer enough to protect your data from attacks. Luckily, products such as Cisco’s Duo offer added protection with multi-factor authentication (MFA). If you’re interested in requiring multi-factor authentication for your network or applications, a good place to start is to compare Duo plans.
What is Multi-Factor Authentication?
Multi-factor authentication requires two or more methods to verify your identity when logging into a cloud-based app or Windows computer. Authentication methods can include something you know – like a username and password – and something you have – like a smartphone app – to approve authentication requests. This second source of validation protects applications from unwanted users entering the system. It secures logins from attackers who are exploiting weak or stolen credentials.
This is important, given that 80% of security breaches involve a compromised password.
For businesses, requiring multi-factor authentication means partnering with a software solution – such as Duo – that prompts employees to provide a second form of verification. Duo is backed by a zero-trust philosophy. This means that, by default, no device is trusted and verification is required from everyone trying to gain access to the network.
Is your business interested in setting up multi-factor authentication for employees? If so, we recommend you compare Duo plans to determine which is the best fit for your business needs.
If you are looking for a user-friendly MFA Solution
When you compare Duo plans, you’ll notice that there is a free option and a basic paid option – Duo MFA. Both provide a streamlined MFA solution that is easy to use and seamlessly integrates into employees’ workflow.
Authentication can be provided via:
- Push notification on a secondary device – such as a phone or Apple Watch.
- Sending a password to the secondary device that the user then enters on the primary device.
- The user physically authenticating by tapping a Universal 2nd Factor (U2F) USB device or using a built-in biometric authenticator, such as TouchID, via WebAuthn.
If you compare Duo plans, many of these features are available with the Duo Free subscription. However, the paid Duo MFA plan allows administrators a greater level of visibility and control. With Duo MFA, Administrators can:
- View all devices accessing applications
- Assign and enforce security policies – either globally or per application
- Enforce policies based on authorized networks
The Duo MFA plan also allows for unlimited application integrations and Single Sign-on (SSO) for all cloud applications.
If you are looking for visibility into endpoint devices
One step up from the Duo MFA plan is the Duo Access plan. When you compare Duo plans, you’ll notice that the Duo Access plan offers even greater visibility into users’ devices to ensure that all laptops, desktops and mobile devices meet the security requirements of the organization.
With Duo Access, the administrator can view the security health of devices, and monitor and identify risky devices. The Duo Dashboard also has the functionality to enforce policies based on the users’ location and/or user group, as well as the security health of the computer or mobile device. For instance, administrators can establish policies for computers with:
- Out-of-date software
- Out-of-date firewalls
- Mobile devices that do not have a screen lock or encryption
If you are looking for enhanced security on corporate and personal devices
You cannot compare Duo plans without exploring the most sophisticated offering, Duo Beyond. In addition to all of the Duo Access plan features, Duo Beyond offers additional control over what employees using corporate devices and personal devices can access.
With this Duo subscription level, administrators can identify company-owned and personal devices accessing corporate applications. They can then limit sensitive data access to only company-owned devices or those with a Duo certificate. The administrator can also limit remote access to specific applications. This prevents users from exposing the network to possible threats because it’s protected by Duo’s secure SSO.
This plan is great for companies who want to secure access to internal servers, web applications, or remote access to hosted applications in AWS, Azure or GCP.