Enterprise companies choose Duo Security for the ability to offer two-factor authentication for all their employees, on all internal and external systems. Duo supports authentication from all phone types — from smart phones to landlines — and integrates with VPNs, servers, and web applications. Deployment is fast and efficient because there’s no hardware to deploy or hardware tokens to inventory and distribute. Users register themselves and enroll their own devices, reducing the burden on system administrators and support staff.

PCI DSS Compliance

The Payment Card Industry Data Security Standards (PCI DSS) mandate that organizations that “hold, process, or pass cardholder information” meet a minimum level of security. Part of this security is protecting remote access logins with strong authentication.

Specifically, section 8.3 says that organizations must:

Implement two-factor authentication for remote access to the network by employees, administrators, and third parties. Use technologies such as remote authentication and dial-in service (RADIUS) or terminal access controller access control system (TACACS) with tokens; or VPN (based on SSL/TLS or IPSEC) with individual certificates.

Duo allows organizations to easily deploy two-factor authentication using users’ existing devices. Typically, purchasing and managing hardware tokens makes two-factor authentication prohibitively complicated and expensive. Duo removes this barrier, giving your company a solution that is manageable, inexpensive, and easy to use.