Do you know Duo? Duo is Cisco's Multi-Factor Authentication (MFA) solution, and it does a lot more than you might realize.
Phishing campaigns can be very convincing, even to the very discerning eye. Often hundreds, or even thousands, of users are targeted in a phishing campaign.
It only takes one user to make a very human mistake and enter their credentials on a web page that looks very legitimate. Even if you have an aggressive password policy electronically enforced company-wide, it only takes one successful phish to give cyber-criminals access to your critical business data assets.
How can Duo Help Mitigate a Phishing Attack?
Mitigating the risk of email-based phishing attacks is done with Cisco Email Security. Mitigating the risk of web-based phishing attacks is done with Cisco Umbrella. Mitigating the risk of these and other social engineering phishing attacks is done with user education.
But what if a user was phished, regardless? What can happen as a result? The attacker may be able to access the victim’s email or log into applications as the victim. They may even be able to remotely connect to the victim’s network and search for additional target systems to do additional malicious activity, like data exfiltration or malware installation. The consequences could be severe. Here’s how Duo can mitigate the impact of a phishing attack:
Duo provides multi-factor authentication for cloud applications, RADIUS-compatible services such as VPN, and even console access to systems such as Windows, macOS, and Linux. Even if a user’s credentials are compromised, an attacker would not be able to approve the second factor of authentication.
Duo securely “pushes” an authorization request to a mobile device running the Duo Mobile app. Push authentication is more secure than SMS (cellular text) or time-based one-time codes, both of which are subject to compromise. Your users don’t have mobile devices? Duo MFA also works with hardware tokens.
Mobile Device Posture Assessment
Duo offers posture assessment as well. You can set policy so that only certain mobile device manufacturers with certain OS versions are permitted to be used for push authentication. You can also set policy so that only compliant devices, OS versions, and/or browsers are permitted to be used for Duo’s browser-based authentication prompt.
Remote Access VPN
Duo can prevent attackers from connecting to your network via remote-access VPN. Duo provides native support for a number of remote-access VPN platforms, as well as generic RADIUS support for any other compatible remote-access platforms. See here for a list of remote-access platforms that Duo natively integrates with: https://duo.com/docs#remote-access-and-vpn.
If you want to reduce the number of passwords that your users have to memorize, consider using Duo Single Sign On. Duo SSO works natively with a very large number of cloud applications, and with any SAML2 application. Have a look here https://duo.com/docs#cloud-service-providers to see some of the applications that Duo SSO integrates with.
Seeing is Believing
Need to see Duo in action? Visit https://demo.duo.com for an interactive demonstration of several Duo functions.
As well, NSI can provide a Duo trial for up to a month!