Skip navigation

Effective October 28, 2019 Duo Security will be transitioning to Cisco's Privacy Statement. View the Duo Privacy Data Sheet.


Strong Application Access Controls

With advanced application access policies, you can ensure only the most up-to-date and healthy devices can access your applications. Duo ensures Every Application is protected as part of a complete Trusted Access solution.

Protect Every Application

By limiting access to applications, you can reduce your attack surface and exposure to vulnerabilities.

Ensure only Trusted Users and Trusted Devices can access your applications, no matter where they’re hosted - both on-premises and in the cloud by defining and enforcing rules on who can access what applications.

Define Access Policies Per Application

By creating a custom policy and assigning it to specific applications, you can restrict access based on user location, network type and device type.

For example, you can deny access to your Microsoft RDP Server from any user located in countries you don’t do business in. Or, deny access from anonymous networks and rooted devices.

You can also associate certain user groups with a specific integration, allowing you to restrict access to certain applications based on their permission level. For example, only allow your engineering team to access your code repository via SSH, or only allow your sales team to access Salesforce.

Limit Software Access to Applications

We make it easy for you to block specific software running on your users’ devices from accessing your applications. Restrict access and require the latest versions of operating systems, browsers or plugins on a per-application level.

This is useful when administrators need to set the highest security thresholds for high-risk, critical applications, or where they want to limit the support of certain software platforms for security reasons, or to improve end-user experience.

For example, you might want to encourage employees to use new and up-to-date browsers like Microsoft Edge or Google Chrome in your organization - you can set a policy to block access to your VPN from older browsers like Internet Explorer, but still allow access from other browsers platforms.

View Duo’s Policy & Controls documentation.

Simple, Secure Cloud Access

Give your users faster, secure access to their cloud applications and allow them to log into a single web portal with Duo’s single sign-on (SSO) that checks the security health of their devices every time they access your applications.

Duo’s SSO is available with Duo Access Gateway (DAG). DAG allows you to easily protect enterprise cloud apps like Google Apps, Amazon Web Services, Box, Salesforce and Microsoft Office 365.

Trusted Access

Duo's Trusted Access ensures only Trusted Users and Trusted Devices can access protected applications.

This complete security solution prevents modern attackers that often target multiple areas - including credential theft and the exploitation of known software vulnerabilities affecting outdated software versions.

  • I would recommend Duo to all admins considering deploying two­-factor authentication for their applications. Duo’s approach of providing access based on user and device health is perfectly aligned with the threats organizations face from attackers targeting users and their devices.

    — Anonymous, Manager of IT Security, Global Online Gaming Company
  • I would absolutely recommend Duo to other companies. It’s easy and has a huge breadth of capability compared to other authentication vendors on the market.

    — Adrian Roman, Information Security Manager, Betsson

Biometrics Booming! Flash Fizzling! Phishing Floundering!

The 2019 Duo Trusted Access Report: Expanding the Enterprise Perimeter with Zero-Trust Security for the Workforce

This year, more customers are using biometrics as an authentication factor to access applications with 77 percent of Duo customers having devices with biometrics enabled. Meanwhile, 71 percent of Duo customers have Flash uninstalled from their devices. And fewer Duo customers are falling for internal phishing simulations – 47 percent of phishing campaigns captured at least one set of credentials and 39 percent involved at least one out-of-date devices, which is an improvement over last year.

Check out all that data and much more in The 2019 Duo Trusted Access Report: Expanding the Enterprise Perimeter with Zero-Trust Security for the Workforce.

Download ebook