Duo Security’s flagship zero-trust product – Duo Beyond – now integrates with the CyberArk Privileged Access Security Solution, empowering organizations to evaluate the security hygiene of a device before granting access to further extend security and reinforce consistent policy enforcement. The pact was announced this week.
The integration also gives organizations the ability to:
- Identify managed and unmanaged devices, and enforce access policies based on a device’s management state
- Create access policies for privileged users
- Ensure trustworthiness by checking device updates, security configurations and posture without installing agents
- Provide granular access control without deploying complex hardware and software infrastructure
Duo Beyond is modeled after Google’s BeyondCorp, a zero-trust security framework developed by Google researchers that shifts network security from a firewall-based approach to access policies based on device information, device health and the associated user. Zero-trust security requires every user and associated device to pass the same tests prior to granting access, regardless of where the access request originates.
The implementation of a zero-trust security framework via Duo Beyond builds on CyberArk’s existing integration with Duo’s ubiquitous two-factor authentication technology, used by hundreds of joint customers, including the University of Michigan, to bolster their privileged access security programs. Organizations can now layer on strong authentication with Duo’s secure Single Sign-On and Duo Beyond’s flexible policy engine on top of CyberArk Privileged Access Security Solution logins to implement a zero-trust framework.
“The attack surface that organizations need to secure as they look to protect their most privileged assets and data from unauthorized access is constantly changing,” said Adam Bosnian, executive vice president, global business development, CyberArk. “By extending CyberArk’s integrations with Duo, organizations can extend the benefits of CyberArk’s comprehensive privileged access security solution across the enterprise and apply policies consistently across dynamic work environments.”
According to a 2018 Duo analysis of 11 million enterprise devices, the average number of unique networks that users from large organizations are accessing protected data from spiked 24 percent in the past year, meaning more work is being conducted outside of the office, which could introduce risks to corporate applications and data. These fluid working practices, or Bring Your Own Device, coupled with a shift to cloud applications, improve productivity, operational efficiency and employee morale, yet are increasingly difficult to secure.
“It’s vital for organizations to take a more practical approach to protecting their privileged credentials, especially as BYOD and remote work trends make it more difficult to enforce traditional network security measures,” said Ash Devata, vice president of products, Duo. “With the integration of Duo Beyond and CyberArk Privileged Access Security Solution, we’re able to provide organizations an easy and effective approach to protecting their most sensitive account credentials with strong authentication and device security checks.”
For more information, visit https://duo.sc/cyberark.