Arraya Insights | May 22, 2018
Rolling out a multifactor authentication (MFA) solution such as the one offered by Duo is a good way to reinforce a cyber security weak point: end users. That is, of course, unless users find this added security to be a productivity roadblock. Should that happen, they may attempt to circumvent it or petition upper management to torpedo the initiative.
Rather than end up back at the mercy of end users’ password prowess, IT must create harmony between them and an MFA solution. Here’s how you can lean on features built in to Duo MFA to accomplish just that:
- Give users the freedom to choose.
Secure doesn’t have to mean rigid. Duo allows users to select one of four device types to use as their authentication platform. Passcodes can be relayed via mobile phones, tablets, landlines, or security keys. The more freedom users have, the more likely they are to find an approach to MFA that fits them.
- Make sure they have a backup at the ready.
A lost or otherwise unavailable authentication device can send user blood pressure boiling. However, Duo lets users add an unlimited number of authentication devices to their account. This ensures if a primary – or even secondary – device is missing, users can still access the account they need.
- Enable ‘One-Touch’ authentication.
Entering in a lengthy MFA passcode can be a source of user frustration in and of itself. Duo Push ditches the code, using the Duo Mobile app to send push notifications directly to a user’s device. Once they’ve downloaded the app, all users need to do to authenticate is tap “Approve” when the logon request pops up on their screen.
- Allow them to onboard and off-board devices.
Despite the important role they play in users’ everyday lives, mobile devices come and go. Duo’s self-service capabilities enable end users to manage the flow of devices into and out of their lives, without roping in the support desk. Whether they lose a device or simply replace it, they’ll be able to delete the old one as an authentication option and add in a new one. Note: In order to do this, users will need at least one additional device set up to authenticate so that they can approve the transition.
- Let them expand their horizons.
Users want to be more self-reliant. They’d much rather at least attempt to solve an issue before passing it off to support – and this goes beyond onboarding and off-boarding devices. Duo features a comprehensive Knowledge Base to allow users to track down the root cause of issues. Fostering independence allows for faster resolution and lets users to feel more in control of and more comfortable with MFA.
- Adjust policies based on end user work habits.
Users are accustomed to doing things a certain way. As long as that certain way isn’t inviting in undue threats, IT can adjust Duo to accommodate them. Duo features a customizable slate of end user policies, including operating system restrictions, settings to prevent access from devices without a passcode-protected lock screen, etc. MFA admins should work with end users to catalog their preferences and, if possible, amend policies to ensure a positive experience.
Next Steps: More secure and user-friendly with MFA
Want to learn more about Duo and how MFA can help you build a more secure and user-friendly environment? Visit: https://www.arrayasolutions.com/contact-us/. As always, leave us a comment on this or any of our blogs through social media. Arraya can be found on LinkedIn, Twitter, and Facebook. Once you’ve let us know what you think, follow us to stay updated on our industry insights and learning opportunities.