What Is Trusted Access?

MFA is an access security process that verifies user identity at login with two or more identity-checking steps, supporting trusted access. Cisco Duo trusted access incorporates strong MFA designed to protect against the latest attacks that target gaps in weaker MFA solutions.

• Read more about MFA

SSO works with MFA to provide a simplified approach to authentication, providing users with one fast login to all permitted cloud or on-premises applications. There's no need to remember multiple credentials.

• Learn how SSO works

Passwordless authentication provides secure access with verification methods that don't rely on passwords. Such methods include biometrics, security keys, and mobile authenticator applications.

• Discover easier access

Device management tools gain visibility into devices to verify health before granting access. You can assess and monitor device posture, enforce access policies across managed and unmanaged devices, and spot anomalous login activity.

• Explore Duo device trust

Remote access solutions secure user and device access to cloud and on-premises applications no matter how, where, or when trusted users log in. You can enable remote access with or without a VPN.

• Explore secure remote access

Administrators can use access management solutions to create adaptive access policies for user groups and specific applications based on contextual factors like role, device, and location. With granular visibility into users and devices and policy enforcement by application, solutions can dynamically respond to risk and protect trusted users while deterring attackers.

• Discover adaptive access

Start by gathering data on your endpoints. Deploy an access management solution that provides visibility into endpoint device features. A detailed inventory of your users' devices should include platform, OS versions, model type, and plug-ins. The inventory should also list enabled security features, such as pass codes, screen lock, encryption, or Touch ID.

• Get device visibility

With granular endpoint visibility and device analysis, identify at-risk devices running outdated software that attackers could exploit to install malware on your network.

• Discover device insight

Access management software keeps authentication logs that provide data about your enrolled users and their logins. Such data includes username, time of attempt, application or integration type, authentication method used, IP address, location, and whether the access attempt failed or succeeded.

• Read about log reporting

Using information gathered from the previous stages, choose to either trust certain devices and networks or set restrictions based on custom profile groups. For example, you can require MFA for engineering users who access code repositories and business data. Others logging into less sensitive services may require fewer restrictions.

• Explore device access policies

Automated self-remediation features can notify users that their software is out of date. Users also have the option to update their browsers, plug-ins, or OS. Self-remediation makes your IT environment safer while reducing the need for help-desk calls.

• Explore Duo self-remediation

Endpoint remediation software lets administrators automatically block devices with outdated software from accessing enterprise applications. This action helps to ensure that only healthy devices are accessing your company's applications and data.

• Read about device health