Passwords have been the cornerstone of computer security since at least 1961, when MIT implemented password logins for its Compatible Time-Sharing System (CTSS). Passwords alone are no longer sufficient, however.
Part of the problem is that we’re all suffering from password fatigue. One recent study found that the average business user has nearly 200 unique passwords — a number that strains the limits of human memory and encourages a range of risky password practices. That’s why people continue to use easily guessed passwords such as “password” or to save passwords on sticky notes, notepads, Word documents and spreadsheets.
These risky behaviors have serious consequences. According to the 2019 Verizon Data Breach Investigations Report, 80 percent of hacking-related data breaches involved compromised, weak or reused passwords.
To overcome the inherent weaknesses of passwords and sloppy password practices by users, experts have long recommended the implementation of multifactor authentication. MFA requires a combination of verification factors, such as something the user knows (a password or PIN code) along with something the user has (a security token or mobile app) and something the user is (a biometric identifier). The location of the user and the current time are sometimes considered fourth and fifth factors for authentication.
Despite the apparent benefits, MFA adoption continues to lag. Surveys indicate that only about half of companies around the world use MFA. Users often complain that tokens and other secondary authentication factors are a pain to use and make logging in an overly complex process that disrupts the user experience.
The Duo MFA solution, now part of the Cisco family of security products, can simplify MFA and reduce the risk of pushback from employees. Duo allows users to easily enroll themselves and manage their own authentication devices. There are also automatic enrollment options to further simplify adoption and synchronize users from existing directories.
Here are five important Duo features that contribute to a more secure environment:
- User verification. Duo enforces two-factor authentication before granting access. When users attempt to log in to corporate resources, the easy-to-use, cloud-based tool generates a second authentication factor, typically in the form of a phone call, text or a code from the Duo app.
- Device verification. Duo’s Device Insight collects information about users’ devices as they authenticate. It automatically flags any devices that are out of date, jailbroken or otherwise out of compliance with security policies. It also tracks versions of operating systems, browsers and plugins.
- Network visibility. With more people working remotely, network administrators often lack visibility into the user-owned devices accessing network resources. Duo provides detailed information about every single device on your network, whether it is corporate- or user-owned.
- Policy enforcement. Duo allows you to set up and manage detailed access policies in minutes via a simple, intuitive administrator dashboard. You can customize policies for different users, devices, locations and many other contextual factors.
- Frictionless access. Duo’s single sign-on feature creates an easy and consistent login experience. Users can log in to a single, MFA-protected dashboard to gain access to all of their applications, whether they are on-premises or in the cloud.
Traditional password practices are broken, but they are fixable. Let RMM show you how Duo can help you prevent unauthorized users from accessing your IT resources without negatively impacting the user experience.