Item: Cisco Duo
Rating: 9
Author: Verified User

Use Cases and Deployment Scope

The choice of implementing Duo Security was made to limit the impact of accounts compromise on both the users and the institution. Our core focus was to roll-out two-factor authentication on the community users who have access to the most critical data so our staff, faculty, contractors, and student workers are currently covered with Duo Security and have to use the solution to access their services.

Our goal is to roll-out the solution to our entire student population and help better protect their information and limit the impact of their accounts being compromised for the rest of the community.

Pros and Cons

Duo Security integrates easily with the most popular single sign-on solutions. This allows us to roll-out the solution really quickly on an existing infrastructure with limited amount of involvement.
Duo Security offers support for a multitude of second-factor mechanisms providing a flexible framework for implementing a solution tailored to a company's needs.
Duo Security offers great APIs that allow to perform some custom management and greatly increases the flexibility of the solution for the organizations that have custom development teams.

The single sign-on platform provides limited functionality when it comes to custom attributes stored on the platform. This prevents advanced deployment where those attributes (e.g. composite / calculated ones) are not stored in the directory (Active Directory, LDAP, etc.) instance.
Duo Security lacks an actual user portal that would allow the users to manage their devices. This is achievable using the APIs but requires development effort which is more complex in smaller structure without specific development team.

Return on Investment

The implementation of Duo Security has allowed us to reduce the risks around compromise of accounts.
The flexibility of the platform allowed us to leverage existing information technology support structure limiting the cost of the roll-out.

Support Rating

The support and customer success managers have been really reacting quickly to all the requests we have sent to them. As we have not had many issues, the sample of interactions with the support team has been really limited. Duo Security has provided a good level of notifications during general incidents allowing us to inform our users and monitor the situation.

Key Insights

Do you think Cisco Duo delivers good value for the price?

Yes

Are you happy with Cisco Duo's feature set?

Yes

Did Cisco Duo live up to sales and marketing promises?

Yes

Did implementation of Cisco Duo go as expected?

Yes

Would you buy Cisco Duo again?

Yes

Other Software Used

OneLogin, Identity Automation RapidIdentity

Likelihood to Recommend

I feel Duo Security if well-suited for a couple of use cases:

Any implementation of two-factor authentication whether there is an existing single sign-on infrastructure or not. This is likely the strongest suit of Duo Security due to the breadth of services supported and the flexibility provided.
Simple implementation of single sign-on that does not require advanced attributes management. Organizations that do not have complex needs for single sign-on and just want to authenticate the users without doing advanced provisioning and complex attributes mappings would benefit from having single sign-on and two-factor authentication in the same platform.

Complex single sign-on environments that require deep management of attributes and permissions will likely benefit from more mature single sign-on platforms.

Well thought out and integrated two-factor authentication solution

Overall Satisfaction with Duo Security