Cisco Secure, the leader in corporate security, today introduced the future of simple and effective security with passwordless authentication and for any infrastructure via Duo. Perfectly integrated with the Duo authentication experience already used by more than 25,000 organizations worldwide, The Duo passwordless authentication will allow business users to skip the password step and securely log in to cloud applications using security keys or biometrics built into the laptops and smartphones modern.
The consequences of using passwords are well known. Passwords are easily compromised and difficult to handle, costing businesses billions of dollars annually. Users are flooded with passwords in personal and professional life. Password reset requirements account for a large portion of requests forwarded to IT support, resulting in lost productivity for users and higher support costs for businesses.
Duo passwordless authentication is part of Cisco zero trust platform, which protects the access of any user, from any device and in any application or IT environment. The product is designed to be infrastructure agnostic, paving the way for a password-free future while ensuring that corporations can secure any combination of cloud and cloud applications. on-premises flawless, no need for multiple authentication products, and no serious security breaches.
"Cisco has strived to develop passwordless authentication that meets the needs of an ever-changing diverse workforce and enables the widest variety of businesses possible to move toward a password-free future, regardless of their IT infrastructure" , says Gee Rittenhouse, senior vice president and general manager of the Cisco Security Business group. "It's no exaggeration to say that passwordless authentication will have the most significant overall impact on how users access data, by making the easiest route the most secure."
Duo passwordless authentication will:
- Simplify and strengthen authentication for secure cloud application access by Duo single sign-on (SSO)and by other SSO and identity providers, leveraging security keys and biometrics from platforms like Apple's FaceID and TouchID and Windows Hello. Combining passwordless authentication with Duo SSO allows organizations to consolidate hundreds of passwords and authentications into a single, easy login for cloud application users.
- Offer a single security tool for all authentication scenarios, thanks to Duo\'s compatibility with hundreds of applications and identity providers, with no infrastructure change required.
- Reduce the risk of password-related threats and vulnerabilities, like phishing, stolen or weak passwords, password reuse, brute force and man-in-the-middle attacks, and compromise of password repositories.
- Add layers of security to authentication with device health and behavioral controls, further reducing the risk in the event that a biometric is stolen or becomes ineffective.
- Reduce administrative burden service requests relating to passwords and resetting passwords.
The workforces are now ready to adopt passwordless authentication. According to the survey 2020 Duo Trusted Access Report, 80% of the mobile devices used at work have biometrics configured, 12% more than in the last five years.
“Passwordless authentication is a journey that requires incremental changes in both users and IT environments, not something companies can enable overnight,” explains Wolfgang Goerlich, Advisory Chief Information for Duo Security at Cisco. “Duo can help companies transition their environments and workforces securely and minimize conflicts at the end of users, while increasing the reliability of each authentication.”
Duo's security practices are based on ISO 27001, the Cyber Security Framework (Cyber Security Standard) of the NIST (US National Institute of Standards and Technology) and the Trust Service Principles (principles of service reliability) of the AICPA ( American Association of Certified Accountants). In addition, they are designed to comply with the European Union's General Data Protection Regulation (GDPR) and other privacy legislation around the world. Duo is committed to the highest level of security for its customers – public and private – and currently holds SOC2 Type II, ISO27001:2013, ISO27017:2015 and ISO27018:2019 certifications, and is licensed by FedRAMP, the federal program US risk management and permits.
Duo passwordless authentication will be previewed to the public in the third quarter (early summer in the Northern Hemisphere) of 2021.
