Duo Security Disrupts Traditional VPN and NAC Industries
February 14, 2017
Beyond is the first major commercial implementation of Google’s
BeyondCorp framework that drastically improves and simplifies
security management of how employees and devices access critical
corporate applications. Duo Beyond can be deployed in less than
an hour to replace a company’s virtual private network (VPN) or
network access control (NAC), protecting critical data for a
fraction of the cost.
According to newly released Duo research, more than one-third of
of access requests to a corporate network come from outside the
firewall, increasing the risk for unauthorized remote access to
sensitive data - often a primary cause of debilitating breaches.
Contrary to popular belief, Duo research also found Windows
users are running more up-to-date software than Mac users.
•For Mac endpoints, 83 percent have out-of-date operating
systems compared to 72 percent for Windows.
•On Macs, 55 percent have out-of-date browsers compared to 34
percent on Windows.
•As a point of comparison, only 35 percent of Chromebook
operating systems are out -of -date.
Duo and Google Look Beyond the Firewall
With its 8,000 customers and five million users in mind, Duo’s
implementation of Google’s new BeyondCorp architecture shakes up
the traditional security model, shifting from a firewall-based
approach to access policies based on device information, device
health and the associated user.
Information on a user’s physical location or network alone is no
longer adequate in enforcing access security. With Duo Beyond,
enterprise customers can allow for remote access to their
on-premise resources without using a VPN or NAC application.
Unlike a VPN that allows access to the entire network once a
user is logged in, Duo Beyond now allows security managers to
easily provide not only access, but also control which
applications users actually need access to. All this for a
fraction of the security budget and in a fraction of the time.
While traditional NAC solutions can take months to implement,
Duo Beyond can be fully deployed in a fraction of the time. For
travel giant, KAYAK, Duo Beyond was fully deployed in one hour.
“Duo Beyond is great for organizations with limited IT resources
as it has a multiplier effect,” said Steve Myers, KAYAK Head of
Security. “It allows one person to do the work of 10.”
Duo Beyond also gives IT administrators the ability to monitor
and restrict remote access to certain applications based on
whether the user has an employer-managed or unmanaged device.
“Securing the growing sea of unmanaged devices is a primary
concern for security practitioners today, as we continue to see
more and more breach headlines citing unauthorized access to
corporate networks from contractors and remote users,” said Jon
Oberheide, Duo Security Co-Founder and Chief Technology Officer.
“The industry needs to change the way it looks at security.
Rather than being concerned with a user’s location, we need to
make the process simpler, smarter and more secure. Period.”
A History of Security Disruption
has been the foundation for Duo since the beginning. Changing
the game for the two-factor authentication (2FA) industry with
its patented Duo Push technology, Duo eliminated the need for
hardware tokens that previously made 2FA overly complicated and
expensive. Most recently, the company introduced Duo Insight, a
phishing simulation tool, and Duo’s secure single sign-on (SSO)
into its Trusted Access Platform - simplifying the security tool
kit and shaking up traditional phishing and SSO tools.
Today’s Duo Beyond launch coincides with the company’s
announcement of a 135 percent increase in annual recurring
revenue growth to $73 million in 2016, putting the company among
the fastest-growing software-as-a-service (SaaS) providers in
the world. 2016 marks the fourth straight year the company has
achieved triple digit year-over-year growth and the first year
the company is cash-flow positive. Duo quadrupled its user base
to more than five million in 2016.