Cisco Duo MFA: a simple yet effective tool to secure users and foil the bad guys
May 03, 2021
Cisco Duo MFA: a simple yet effective tool to secure users and foil the bad guys
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Duo Security
We use Duo Security across the organization as our multi-factor authentication (MFA) solution for users who are working remotely to connect to our corporate network using a Virtual Private Network (VPN). When users initiate a VPN connection, they receive a prompt on their personal cell phone or tablet asking them to accept or decline the connection attempt. We also use Duo to secure access to internal web resources that are made publicly available, such as our intranet and purchase requisition sites. Furthermore, we utilize Duo within the Information Systems (IS) department to secure access to servers.
Pros
- Simple tool for end users to learn and to use.
- Multiple uses--used to secure access to the network, websites, and servers.
- No additional device requirements; users can easily use their own personal devices.
- Active Directory sync--fairly straightforward to sync accounts from AD to Duo that should be using Duo.
Cons
- The interface to secure web applications isn't as polished as the other interfaces.
- Ability to switch devices is possible, but seems a little cumbersome--especially if the user is switching to a different OS.
- Occasionally, it seems that Duo goes to sleep on a user's device so that they miss the authentication prompt. However, this doesn't happen very often.
- Peace of mind--with Duo, we can relax (a little) knowing that our network is more secure.
- Hosted solution--the implementation timeline was simplified since the configuration site is hosted by Cisco.
- Improved security and accountability--with Duo, we have increased the security of our publicly facing resources; we have also increased the accountability of managing internal server resources by logging user access.
We use Duo to secure access to our network when users are connecting via VPN. We also use it to secure internal web resources that are made available publicly, such as our company's intranet site and our site for submitting purchasing requests. Finally, we also use Duo to secure login attempts on our servers.
It didn't take very long from the time we first licensed Duo to when we were implementing it for users. It was very important for us to begin using MFA as soon as possible once our workforce became distributed because of the pandemic. Cisco was able to get us licensed and using Duo in very little time.
We had an existing relationship with Cisco and we had become familiar with Duo previously because of that relationship. We didn't spend a lot of time evaluating other solutions because Duo seemed simple to use and met our requirements. I have seen the various devices other people use to implement MFA and they all seem cumbersome to me after having using Duo.
Comments
Please log in to join the conversation