Duo Security

At Duo, we combine security expertise with a user-centered philosophy to provide two-factor authentication, endpoint remediation and secure single sign-on tools for the modern era. It’s so simple and effective, you get the freedom to focus on your mission and leave protecting it to us.

Multi-Factor Authentication (MFA)
Verify the identity of all users with strong two-factor authentication – before granting access to corporate applications to protect against phishing and other access threats.

Authentication Methods
Duo’s wide variety of authentication methods enable every user to securely and quickly log in. Duo Push, sent by our Duo Mobile authentication app, allows users to approve push notifications to verify their identity. We also support Universal 2nd Factor (U2F), security keys and tokens, one-time passcodes (OTP), SMS and phone callback to provide flexible options for all types of users – from clinicians to third-party contractors.

Easily Enroll and Manage Users
While Duo’s user self-enrollment method is intuitive enough for users to do on their own, we also offer automatic enrollment options for ease of user provisioning for larger organizations. Quickly synchronize thousands of users from existing directories like Active Directory and Azure AD, or import users from a CSV file. Plus, users can manage their own authentication devices through our self-service portal, reducing your help desk support time.

Quickly Deploy, at Scale
Deploying at scale has never been so painless. Duo’s lightweight software as a service (SaaS) solution requires minimal infrastructure to roll out to thousands of users. Plus, we send updates to your users’ devices to ensure they always have the latest security patches and features, eliminating overhead on your end.

Assess User Risk With Phishing Simulation
Launch targeted phishing simulations within your organization with Duo’s Phishing Simulator to identify vulnerable users and devices. Our data dashboards allow you to measure and monitor your company’s risk of getting phished from one main control center.