“If you're looking for a company that's going to work for your team, especially in regards to security and ease of use, Duo is definitely the way to go.”
— Jason Ransom, IT Application and Security Analyst
Level One Bank needed a convenient way to secure access to their banking systems
Duo’s two-factor authentication solution provided an easy, push-based method that was more secure than tokens
To support their BYOD policy, the bank also uses Duo’s user access policies to restrict access based on user location
Plus, they can get complete visibility into the users and devices authenticating into their network with Duo’s Device Insight
Level One Bank is a community-focused banking organization serving Southeastern Michigan.
According to their Chief Financial Officer (CFO), Dave Walker, they experienced hundreds of inbound system hacking attempts - both against their bank and their clients’ systems.
“It’s very easy to lose money if you’re not well-secured from an IT perspective,” Dave said.
The bank had been using token-based multi-factor authentication, but they knew that tokens weren’t the most secure method.
After discussing Duo’s solution with Dug Song (CEO) and Paul Dimarzo (CFO), they found that the push notification method was a more secure way to authenticate into their banking systems than tokens.
Many other large banks were using similar push-based systems for their security, which convinced Dave to ask their head of IT to look into Duo’s solution.
Level One Bank tested a pilot that worked successfully, so they launched Duo on a broader scale. From the beginning to end, the bank’s IT team had easy contact with the Duo Support team and a designated representative to help them during implementation, which was key for them to get their questions answered.
“In the end, when everybody kind of saw the benefit and actually how easy Duo really worked, it was pretty easy to roll out,” IT Application and Security Analyst Jason Ransom said.
The bank’s users were surprised by how easy Duo’s two-factor authentication was to use - the simple Approve/Deny buttons via the Duo Mobile application let them authenticate without having to remember a long password.
“There's a free app for it that they can use and it's very simple if they're used to using their smartphones. It's been great for that reason,” Jason said.
Level One Bank uses Duo’s two-factor authentication to protect access to their Microsoft cloud application, Office 365 and other third-party applications. The bank was able to integrate them easily using Duo’s SAML 2.0 support.
They also have been using the Device Insight data to figure out what users and devices are using their systems. To support their BYOD policy, they restrict access by users based on their locations using Duo’s user access policies. The bank applies more access restrictions to their most critical Microsoft applications.
“…people can now access data anywhere. We want to make sure, again, the right person is accessing that data and that's where Duo came in for us,” Jason said.
In the future, Level One Bank is planning to use Duo’s two-factor authentication solution to secure remote desktops and every user login.
“If you're looking for a company that's going to work for your team, especially in regards to security and ease of use, Duo is definitely the way to go,” Jason said.