Ackcent and Duo Security joined forces to share meaningful expertise in cybersecurity to our clients. Another edition of our Cyberlunch was held in Madrid, where we discussed Multifactor Authentication (MFA) over food and wine.
Together with Duo experts and clients, we shared our experience and insights on how Duo helps us in our daily procedures and compliance with regulations such as PCI-DSS.
Duo Security is an MFA solution based on Zero Trust principle by only trusting on users using 2FA before granting access to systems, gaining visibility over devices, ensuring device trustworthiness, enforcing access policies and enabling secure access to all applications from a central point.
Our clients were engaged and eager to discuss the following topics in-depth:
- Protecting applications: By using Duo Security, an organization can protect from SSH access, Remote desktops, VPN accesses, Microsoft OWA, web applications like WordPress, Drupal, Jira, Confluence, many identity providers through SAMLv2 to inhouse developed applications (from web to mobile) by using its API.
- Deployment options: Our clients are conscious about the IT environment complexity and Duo Security helps them to simplify the deployment. Many applications use a plugin that directly connects to Duo Security console endpoint, no internal nor DMZ deployment is required, but for some systems like VPN or Duo Authentication Gateway must be deployed on the internal network. This proxy is responsible for receiving the authentication from the clients and validating the Active Directory or LDAP. Once the authentication is successfully carried out, it authenticates the user and leads him to the 2FA process. On the other hand, Duo Security provides an Authentication Gateway, acting as an Identity Provider. It must be deployed on the DMZ and provides a way to implement SAMLv2 to authenticate the users.
- Compliance: Many of our clients operate within the financial industry and payment gateways, so they must comply with PCI-DSS. The last PCI-DSS version requires that administration access to the system is under MFA mechanisms, so Duo Security becomes a suitable solution that helps with MFA over SSH, Linux accesses and Remote Desktop Connections. By using its integrations with Active Directory, we can define policies to apply it to administrators and deny all other login tries.
Duo Security meets our client’s expectations and requirements, and we are confident that our clients will remain satisfied with the solution.