Passwords Are the Weakest Link
The EECS servers were regularly being targeted and compromised. Even with a highly computer-literate and security-conscious workforce, admin account passwords were the weak link. To combat account takeover, DCO decided to implement two-factor authentication. They could have built their own two-factor platform or used a token-based solution available at the University of Michigan, but they chose Duo Security for its ease of deployment, simplicity of use, and cost-effectiveness.
Integration Doesn't Need to Be Complicated
Many other solutions require costly hardware with complicated setups. Duo's cloud-based solution meant DCO only needed to add a few lines of Duo-provided code to their existing servers and web applications to integrate Duo into their login flows. Duo's web APIs allowed them to quickly add Duo to their custom-built applications as well.
Make It Easy to Use and They Will Use It
Users will rebel against even mandatory systems if they're too difficult or cumbersome to use. Duo allows users to authenticate in whatever way is most convenient for them — from one touch with Duo Push, to passcodes, to callbacks, to tokens — and DCO uses them all. The convenience factor has been huge for them over a solely token-based system.
The Results: Zero Breaches
DCO was live on Duo in under two weeks and is now protecting DCO's network of over 60 Unix and Windows servers and internal web applications. Integrating Duo into their servers was trouble-free and they were able to quickly build integrations to their custom applications. Most importantly: no more accounts have been compromised since Duo was deployed.