Re: Duo: love it or not so much?

[Paul Chauvet <chauvetp () NEWPALTZ EDU>]

Hi Emily (from our college neighbor from across the river), 

We've been using Duo for about two months now. We only have it on a small amount of systems at this point (VPN, 
Confluence & Jira for IT staff, some remote desktop and SSH applications). Over the next few months we expect to have 
it for administrative access to many other systems. 

Our hope is that we will use it for Banner and a few other sensitive systems for a larger population of 200-300 faculty 
and staff this time next year, primarily by integrating it with CAS. 

Our experiences with Duo have been very positive so far. It is able to 'hook into' a ton of systems with relatively 
little trouble. We expect to start using the Duo Authentication Proxy for a few systems (like vCenter & Dell Kace) 
which don't otherwise support two factor but haven't test it yet. 

Paul Chauvet 
Information Security Officer 
State University of New York at New Paltz 

Phone: (845) 257-3828 
chauvetp () newpaltz edu 

----- Original Message -----

> All:

> We're preparing to launch Single Sign On architecture as part of a larger IAM
> project, and we are looking at our options for 2-step verification /
> 2-factor authentication / whatever we like to call it these days. We have
> been advised that Duo is a good solution, and I am curious if others on this
> list have any experiences they can share. We are likely going to go this
> way, so I am seeking any positive feedback or potential warnings/gotchas we
> should look out for in our implementation.

> Thank you so much!

> ----
> Emily Harris
> Interim Information Security Officer, CIS
> Vassar College
> 845-437-7221