ANN ARBOR — Duo Security, the Ann Arbor technology security provider, announced its entrance into the Federal Risk and Authorization Management Program (FedRAMP) authorization process, with sponsorship from the U.S. Department of Energy (DOE).
Duo’s cloud-based Duo Access product, which offers federal agencies an alternative to traditional card and token-based authentication methods with two-factor authentication technology, among other capabilities, is currently “In Process” on the FedRAMP Marketplace.
“The federal government’s push to modernize its IT infrastructure is not only about increasing efficiency, but protecting against cyber threats meant to derail how we function as a society and democracy,” said Dug Song, vice president and general manager of Duo Security, a Cisco business unit. “Our path to FedRAMP certification is just one component of Duo’s investment and focus on serving government agencies and helping them secure access to critical applications and data.”
Revised National Institute of Standards and Technology (NIST) guidelines and a recent Office of Management and Budget (OMB) directive on digital identity have paved the way for government agencies to transition to modern user authentication systems such as Duo to protect against rapidly evolving cyber threats. Previously, federal agencies were required to secure critical data with complex and expensive personal identity verification or common access cards.
“Government agencies are addressing strong authentication for the portion of their workforce that are often without PIV cards, such as temporary workers, contractors and others,” said Sean Frazier, Duo Advisory CISO, Federal. “Duo helps agencies fill these security gaps with a sound, simple to deploy and easy to use cloud-smart solution.”
FedRAMP’s rigorous review process ensures cloud products and services used by federal agencies meet strict security requirements and capabilities, while also helping agencies accelerate their transition from legacy IT infrastructure to modern, cloud-based technology. Duo is on track to achieve a FedRAMP Agency Authorization in collaboration with the DOE and FedRAMP Program Management Office
Duo’s focus on transparent and sound security practices earned the company Service Organization Control (SOC) 2 Type II certification in November 2017.