Overall Satisfaction with Duo Security
We use Duo Security as our enterprise 2 Factor Authentication (2FA) system at Loyola University Maryland. We currently protect our remote application delivery system, as well as our SharePoint portal and our Office 365 implementation with Duo. Some departments also have additional uses - our Computer Science department protects all remote Linux/UNIX SSH access with Duo, and our IT department protects our password vault with Duo.
- Duo Security offers what I consider to be best-in-class security architecture, and was designed that way ground up (no RSA-like problems where all of your users' keys can get owned). Their cryptographic implementation is also best in class.
- Duo Security is incredibly flexible and easy to use for end users. Duo offers a solution that will work for every user. We have had very few issues with adoption from our user base.
- Duo Security is incredibly easy to implement on the back end. It's cloud-based, and the administrative interface is quick to learn. Setting up applications with Duo typically only takes a few minutes for basic configuration.
- Duo's reporting facility could be better. Some general reports are easy to get, but the built in interface is limited. To do any real reporting you have to download logs as a CSV or the like (which is actually really easy) and then do reporting in Excel or another similar method.
- Duo doesn't log an authentication attempt in their main authentication log unless that authentication is completed. A user can try to authenticate via a phone call or text message, for example, and while those are entered in the telephony log, unless the user responds to them and completes authentication, the attempt is not written in to the main authentication log.
- We are a higher ed institution, and the aggressive pricing that Duo offers to Internet 2 member institutions have made their product almost a no-brainer for us. The minimal investment required to license it is easily offset by the value offered in increased security and vulnerability, especially when it comes to requirements for cyber insurance and PCI compliance and the like.
Duo offers cryptographic infrastructure that is more robust than SecureID does (or did). In addition, Duo has never intentionally built back doors in to their product at the behest of the NSA. Many Duo products are either themselves open source or are based on open source codebase, so it is easy to verify that they are secure. Duo's pricing is also MUCH better than RSA's.